Signing

Hauke Laging mailinglisten at hauke-laging.de
Sun Jan 2 20:29:13 CET 2011


Am Sonntag 02 Januar 2011 19:36:02 schrieb takethebus at gmx.de:

> >> How is this "connection" done?
> >
> > By a self-signature. Same for the subkeys.
> 
> Sorry, I don't understand what you mean. Could you please explain it again?
>  Let's say Alice signs Bob's user ID together with Bob's public master
>  signing key.
> 
> What does "together" mean in this context? Does it mean, that the public
>  signing key and the user ID are both signed with Alice's private key, but
>  seperately?

Together is the opposite of seperately. The combination is signed. The one 
signature is not valid for the key or the UID alone, only for both together.


> Is a signature on Bob's user ID only accepted, if Bob has the same
>  signature on his public master signing key?

The signature is accepted if it signs the combination of key and UID.


> Is the last procedure really called "self-signing". Alice cannot self-sign
>  Bob's key, as she doesn't have his private key.

Correct. "Self-sign" refers to the key making signatures for its own 
components in contrast to signing other keys.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110102/e8444532/attachment.pgp>


More information about the Gnupg-users mailing list