key signing
Tuyen DINH
tuyen.dinh@risc.fr
Fri Jan 3 08:48:02 2003
dshaw@jabberwocky.com (David Shaw) wrote:
> On Thu, Jan 02, 2003 at 03:18:12PM +0100, Tuyen DINH wrote:
> >
> > Hello,
> >
> > When you want to sign a key you have just imported, in which cases will
> > you choose one the following choices :
> >
> > (0) I will not answer. (default) ?
> > (1) I have not checked at all. ?
>
> If you type a question mark (?) when GnuPG asks this question, you
> will get a long explanation. That text is:
>
> --------------------------
>
> When you sign a user ID on a key, you should first verify that the key
> belongs to the person named in the user ID. It is useful for others
> to know how carefully you verified this.
I wondered : if I have no idea about the key's authenticity, is it worth
it to sign it ? (except sign it locally)
> "0" means you make no particular claim as to how carefully you
> verified the key.
>
> "1" means you believe the key is owned by the person who claims to own
> it but you could not, or did not verify the key at all. This is
> useful for a "persona" verification, where you sign the key of a
> pseudonymous user.
What is the interest for others to know that I couldn't check its
authenticity ?
Or maybe this is just an information for myself ?
--
Tuyen