UI terminology for calculated validities

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Wed Apr 23 21:32:27 CEST 2014



Hi


On Tuesday 22 April 2014 at 11:38:36 PM, in
<mid:5356EF6C.30201 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:


> Did you see my two proposals at the end
> of my note about ways it could be improved if anyone
> has time and effort to put into it?  the "same owner if
> both assert the same user ID" fix might be the
> least-fiddly one, which would catch a large fraction of
> the cases in question.


Would it be feasible to have a signature notation for use when
signing other keys you own, that could potentially be parsed by
GnuPG? It would have to be reciprocal to prevent abuse.

Say a user has two keys, 0x0123456789abcdef and 0xfedcba9876543210. I
propose each key could sign the other with a signature notation
something like:-
siblings-0x0123456789abcdef-0xfedcba9876543210@example.org.

If there were more than two keys it could be extended, or maybe each
pair would have to cross-sign. When GnuPG encountered "siblings" from
the same set that had cross-signatures with this notation, the
"family" could be counted only once in trust calculations.




--
Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

Did you hear? They took the word gullible out of the dictionary
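The reciprocal "siblings" notation proposed in the message above, worked through as an added example; it is not code from the post or from GnuPG. The `Cert` model, the function names, and key IDs C, D and T are assumptions made for illustration, and the notation is written with "@" where the list archive shows " at ".

```python
import re
from collections import namedtuple

# Hypothetical model of one key certification: signer, signed key, notation names.
Cert = namedtuple("Cert", "signer target notations")
# Notation shape from the post; "siblings" and example.org are the post's placeholders.
SIBLINGS = re.compile(r"^siblings-(0x[0-9a-f]{16})-(0x[0-9a-f]{16})@example\.org$")

def sibling_claims(certs):
    """Collect (signer, target) pairs where the signer marks the target as a sibling."""
    claims = set()
    for c in certs:
        for name in c.notations:
            m = SIBLINGS.match(name.lower())
            # The notation must name exactly the signing key and the signed key.
            if m and {m.group(1), m.group(2)} == {c.signer, c.target}:
                claims.add((c.signer, c.target))
    return claims

def families(certs):
    """Return a lookup from key ID to family representative (reciprocal claims only)."""
    claims = sibling_claims(certs)
    parent = {}
    def find(k):
        parent.setdefault(k, k)
        while parent[k] != k:
            parent[k] = parent[parent[k]]  # path halving
            k = parent[k]
        return k
    for a, b in claims:
        if (b, a) in claims:  # a one-sided claim never merges keys
            parent[find(a)] = find(b)
    return find

def independent_signers(certs, target):
    """Count certifiers of `target`, counting each sibling family once."""
    find = families(certs)
    return len({find(c.signer) for c in certs if c.target == target and c.signer != target})

# Constructed sample: A and B cross-sign as siblings; D claims C without reciprocation.
A, B = "0x0123456789abcdef", "0xfedcba9876543210"
C, D, T = "0x1111111111111111", "0x2222222222222222", "0x9999999999999999"
def note(x, y): return f"siblings-{x}-{y}@example.org"
SAMPLE = [
    Cert(A, B, [note(A, B)]), Cert(B, A, [note(A, B)]),  # reciprocal pair
    Cert(D, C, [note(D, C)]),                            # one-sided, ignored
    Cert(A, T, []), Cert(B, T, []), Cert(C, T, []), Cert(D, T, []),
]
if __name__ == "__main__":
    print(independent_signers(SAMPLE, T))
```

The one-sided claim from D shows why reciprocity matters: without it, any key could declare itself a sibling of someone else's key and collapse that key's certification into its own family.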