[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Big problem - GnuPG key deleted

On Tue, Jul 15, 2003 at 12:07:31PM +0200, Gerfried Fuchs wrote:
>  I personally wouldn't do for I can't be sure that it is the same person
> as the last time for my facial memory (and you can apply that to the
> photo IDs, too) isn't that well. I don't know about yours, but I really
> doubt that you would remember all of them.

You did ofcourse verify the emailadresses of the keys you are signing.
Also, the emailadresses on the "new" and "old" key are the same.
Additionally one Gerfried Fuchs doesnt share the same emailadress with
the other Gerfried Fuchs.

You do not only sign the identity of the key, you are also signing that
this identity is using *this* emailadress.
Hopefully cabot will get a common used tool to support this.

Ofcourse, then again,  a problem arises with Cert-Keys that have no
email adress listed.

In any other Cases there should be a decision possible if the new
keyowner is the same as the old keyowner.

NB: i do not favor the mentioned methods to authorize subkeys

Maybe some Guidelines on what to do and what not to do with PGP Keys,
Revocations and sigs should be setup. I also ask myself everytime if i
should sign with 2 or 3 when i met someone, got his keyid&fpr and saw
his ID.

There are people who say 2, there are people that say 3.

| Rico -mc- Gloeckner  |  mv ~/.signature `finger mc@ukeer.de` |
|                                               1024D/61F05B8C |
|          3D67 D42F 2D50 4B68 1D62   E999 EFCB CDFF 61F0 5B8C |

Reply to: