newbie question about identities
Stewart V. Wright
svwright+lists@amtp.liv.ac.uk
Mon Oct 6 14:31:01 CEST 2003
--ADZbWkCsHQ7r3kzd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
G'day Neil,
* Neil Williams <linux@codehelp.co.uk> [031003 19:40]:
> On Friday 03 Oct 2003 10:14 am, Stewart V. Wright wrote:
> > for example. I have 4 different ids and at least 2 of them will not
>=20
> Which makes 0xb3334559 difficult to retrieve sometimes. It took a little=
=20
> searching before I could find it to verify a signature declared initially=
as=20
> 0x35DB7472 which is a subkey.
Indeed, this is a bit of a problem that has been bubbling away in my
subconscious for some time.
> It would be handy if you mentioned the public keyid 0xb3334559 in your=20
> signature line in all signed emails - hkp:// keyservers don't contain the=
UID=20
> that matches your current signature but at least it gives readers a heads=
tart=20
> on finding your key. Better still would be a simple page on a website=20
> mentioned in a sig or GnuPG comment allowing the full key to be downloade=
d in=20
> ascii armour.
> (Mine's on the codehelp.co.uk site but it's a plain key and doesn't have =
any=20
> features that cause problems on hkp:// keyservers so I wouldn't think the=
=20
> page is needed much.)
I use Werner's suggested X-Request-PGP header...
X-Request-PGP: http://www.liv.ac.uk/~svwright/security/keys.asc
My regular (i.e. professional) .sig is four lines long already. Any
longer and I'd be breaking the McQ "rules".
> There's no string specifying a location in the GnuPG signature comment, t=
he=20
> subkey ID is not on hkp:// keyservers and your email address isn't found =
on=20
> sks.dnsalias.net keyserver either (which tends to be able to cope with ke=
ys=20
> that get corrupted/ignored by other keyservers). sks does have the key, b=
ut=20
> searching by name is always my least favourite option - there are so many=
=20
> matches usually that it takes time to find out if you've got the right on=
e.
Ah. OK. I'm doing a key signing in the next week or so (anyone near
Liverpool in the UK who wants to get involved?), so I'll spread it
around further then.
=20
=20
> > Also, there are umpteen keys on the key servers with my name (id)
> > attached to them (really should have learnt about revoking all those
> > years ago!) but only two are valid at the moment.
>=20
> Some appear to be revoked but none match the signing subkeyID of this mes=
sage.
> http://www.pgp.uk.demon.net:11371/pks/lookup?op=3Dindex&search=3DStewart+=
V.+Wright
True. I was just indicating that one can have multiple keys
associated with a single email address. Thus email/name "id" is not
able to distinguish between keys, but fingerprint "id" is.
Cheers,
S.
--=20
European Citizens: Please do a little work to convince the European
Parliament to reject software patents. This page explains the issue
and provides suggestions for action; take the time to participate.
http://swpat.ffii.org/
--ADZbWkCsHQ7r3kzd
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iH8EARECAD8FAj+BUvA4Gmh0dHA6Ly93d3cubGl2LmFjLnVrL35zdndyaWdodC9z
ZWN1cml0eS9ncGctcG9saWN5Lmh0bWwACgkQaBqfzTXbdHIGSwCghNUGnux570Nc
pSCS02tPe4h662kAn11o6kRv6Agb8NOo0Z1aV6srMdpI
=IapO
-----END PGP SIGNATURE-----
--ADZbWkCsHQ7r3kzd--
More information about the Gnupg-users
mailing list