cross-certification

David Shaw dshaw at jabberwocky.com
Wed Sep 13 18:40:59 CEST 2006


On Wed, Sep 13, 2006 at 06:21:43PM +0200, Werner Koch wrote:
> On Wed, 13 Sep 2006 17:20, David Shaw said:
> 
> > I think this is not a good idea - at least, not yet.  At the moment,
> > there are very few keys that have cross certification, and GPG is the
> > only program that generates keys with it.  If
> > --require-cross-certification is set by default, it will pretty much
> > break signing subkeys for most people.
> 
> My reasonsing is that people who are going to use gpg2 need to be a
> bit adventurous anyway and thus they should be able do create the
> backsigs.

Absolutely, but the problem with backsigs is that it requires the
*other* person to create them.  It is true that someone using gpg2
should be savvy enough to be able to turn the backsig check off,
though.

> Lets see how this works out.  It will be easy to change it back for
> the 2.0 release.

Ok.

David



More information about the Gnupg-devel mailing list