Comment fields in the User ID [was: Re: Help me to import my secret key please]
MFPA
expires2010 at ymail.com
Tue May 18 17:55:51 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Monday 17 May 2010 at 9:54:38 PM, in
<mid:201005172254.39533 at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:
> The problem with
> something like OpenPGP notations or anything else
> that's not part of the User ID is that most people
> will never see this information. Most people will only
> see the user IDs (because that's the only thing the
> applications they use show to them).
That's a good point. Even if checking signatures, such things might
not be shown to the user.
> Another use case would be marking a key as deprecated.
> First, you'd add a new user ID "This key is deprecated;
> use key 0xAABBCCDD instead" (okay, I'm not really
> using the comment field here) and then you'd revoke
> the signatures on all user IDs. Of course, there are
> other more appropriate ways defined in the spec to do
> this, but IMHO putting the information right in the
> users face is much more effective than hiding it in
> some obscure fields.
Presumably you would also make that User ID the primary one, so that
it had maximum visibility (-; Of course, anybody gaining control of
your secret key could do the same and suggest people used a key of
their own creation instead... Hopefully your contacts would check the
validity of the suggested replacement before encrypting to it.
- --
Best regards
MFPA mailto:expires2010 at ymail.com
Vegetarian: Indian word for lousy hunter!!!
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS/K4iaipC46tDG5pAQoN/gQAoQ+TXM0urtMfOAiWzaPNDaTFuRCMyowE
6ajH36t7l5RlBJnzyhaNmoe6uKmC8s953GF1aY6GnSIbp8GETmqJ71PsdvyuKYpD
jvPY/YSUMBzXI5Qx/ts+ZQlqouUXlwxbahH7vb8kM+l51ncpmqQVSUU5xd0fjyuf
WDV/QLH7cFE=
=rL7+
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list