Multiple User-Ids

[Werner Koch]

While implementing the Trust-Logic, this question arose:

What are the reasons that PGP handles all user-ids independently?  It is 
time consuming to sign every user-ids and it blows up the size of the 
certificate.  

I don't understand the security issues with this.  I think it is good enough
to just sign the first user-id and to do the trust check based on this.
More user-ids may be added with a self-signature and trust is calculated
user-id carrying the signatures (of course after validating the self-signature
of the specifies user-id).

If the user has the option to re-assign the order of user-ids, he his also
able to indicate preferred mail addresses. 

Any opinions?


-- 
Werner Koch, Duesseldorf  -   werner.koch at guug.de   -  PGP keyID: 0C9857A5