Signing multiple keys
Nicholas Cole
nicholas.cole at gmail.com
Sat Aug 27 15:12:20 CEST 2011
On Sat, Aug 27, 2011 at 1:03 AM, Doug Barton <dougb at dougbarton.us> wrote:
> I have a particular concern that if I sign a key with "I checked
> carefully" that I really did. Moreover, I have a philosophical prejudice
> that if I *can't* say "I checked carefully," why bother?
>
> That said, I have in the past run across people who still have old
> e-mail addresses that they no longer have access to on their keys, so
> it's more than a theoretical issue, for me at least.
I see. So your procedure is to check that the name on the key matches
some ID, and THEN check separately that the key at least appears to
control the email addresses it claims.
Which does make a certain sense, I can see. :-)
Thank you for explaining.
Best wishes,
Nicholas
More information about the Gnupg-users
mailing list