Re: signing a GPG key with multiple uids
Oohara Yuuma wrote:
> When signing a GPG key, is it better to sign all of its uids, or
> just an uid that I see relevant (such as the @debian.org one)?
> I usually meet someone, get a hardcopy of the key fingerprint,
> the e-mail address and so on, then check it later and sign the uid
> which have that address in it.
I prefer to validate each email address. It is mostly a personal
preference but at least I know the uid was valid at one point. I
have a uid associated with an employer account that I do not
have access to. It makes no sense for someone to sign that
uid and I will probably expire it soon.