keys require a user-id

Vincent Breitmoser look at my.amazin.horse
Sun May 17 10:48:43 CEST 2020


Hey folks,

this thread touches on userid-less keys, and keyservers.

I agree with Peter and Rob's points that userid-less keys are questionable for
use as-is. OpenPGP transfers information in the self-signatures of user ids. If
we use keys without any known UID, we might miss out on e.g. expiration dates,
or key flags.

There is one more angle to this topic: key updates. keys.openpgp.org uses
userid-less keys in some cases, to distribute revocations and subkey updates.
More specifically, this happens when no User ID on a key has been verified.

The logic is simple:

1. Without consent, we don't distribute email addresses.
2. We want to distribute revocations and subkey updates regardless.
3. Revocations and key updates are cryptographically independent from User IDs.

A key store that already has a UserID for some key can integrate revocation
certificates and subkey updates from such a userid-less key into its local
certificate. Implementation-wise, this is easy to do.

GnuPG upstream rejects such updates. Concretely, if you hand a primary key with
only a revocation signature to GnuPG, it will parse the revocation, verify that
it is cryptographically valid, and then throw it away.

For those interested, this issue has been discussed at length here:
https://dev.gnupg.org/T4393

Cheers

 - V
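The merge the post describes, as an added example that is not code from the post, from keys.openpgp.org or from GnuPG: a local certificate that already carries a User ID absorbs a revocation signature and a new subkey from a UID-less update of the same primary key. Packet framing follows RFC 4880 (new-format headers, tags 2/6/13/14, the v4 signature type octet); all key and signature bodies are constructed placeholders, not real key material, and the example deliberately stops short of signature verification, which a real key store must perform against the primary key before integrating anything.

```python
"""Merge a user-ID-less OpenPGP update into a locally held certificate.

Added example; not code from the post, keys.openpgp.org or GnuPG. Packet
framing follows RFC 4880; key/signature bodies are constructed placeholders
and no signature is verified here (a real key store must verify each one).
"""
from dataclasses import dataclass, field

TAG_SIGNATURE, TAG_PUBLIC_KEY, TAG_USER_ID, TAG_PUBLIC_SUBKEY = 2, 6, 13, 14
SIG_POSITIVE_CERT = 0x13   # self-sig over a User ID (expiry, key flags live here)
SIG_SUBKEY_BINDING = 0x18
SIG_KEY_REVOCATION = 0x20  # sits directly under the primary key, no UID involved


def encode_packet(tag: int, body: bytes) -> bytes:
    """Frame a packet body with an RFC 4880 new-format header."""
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + n.to_bytes(4, "big")
    return bytes([0xC0 | tag]) + length + body


def parse_packets(data: bytes) -> list:
    """Split a transferable key into (tag, body) pairs; new-format headers only."""
    packets, i = [], 0
    while i < len(data):
        if data[i] & 0xC0 != 0xC0:
            raise ValueError("old-format packet headers are not handled here")
        tag, first = data[i] & 0x3F, data[i + 1]
        if first < 192:
            length, i = first, i + 2
        elif first < 224:
            length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
        elif first == 255:
            length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
        else:
            raise ValueError("partial body lengths are not supported")
        packets.append((tag, data[i:i + length]))
        i += length
    return packets


@dataclass
class Certificate:
    primary: bytes
    direct_sigs: list = field(default_factory=list)  # revocations, direct-key sigs
    user_ids: dict = field(default_factory=dict)     # uid body -> self-sigs
    subkeys: dict = field(default_factory=dict)      # subkey body -> binding sigs


def build_certificate(data: bytes) -> Certificate:
    """Group packets under the component (primary, UID, subkey) they follow."""
    packets = parse_packets(data)
    if not packets or packets[0][0] != TAG_PUBLIC_KEY:
        raise ValueError("a certificate starts with a public key packet")
    cert = Certificate(primary=packets[0][1])
    bucket = cert.direct_sigs  # signatures seen before any UID/subkey
    for tag, body in packets[1:]:
        if tag == TAG_USER_ID:
            bucket = cert.user_ids.setdefault(body, [])
        elif tag == TAG_PUBLIC_SUBKEY:
            bucket = cert.subkeys.setdefault(body, [])
        elif tag == TAG_SIGNATURE:
            if body not in bucket:
                bucket.append(body)
        else:
            raise ValueError(f"unexpected packet tag {tag}")
    return cert


def merge_update(local: Certificate, update: Certificate) -> int:
    """Add direct signatures and subkey material from update; return count added.

    Nothing here depends on a User ID: revocations and subkey bindings merge
    whether or not the update carries any UID packet at all.
    """
    if local.primary != update.primary:
        raise ValueError("update is for a different primary key")
    added = 0
    for sig in update.direct_sigs:
        if sig not in local.direct_sigs:
            local.direct_sigs.append(sig)
            added += 1
    for subkey, sigs in update.subkeys.items():
        have = local.subkeys.setdefault(subkey, [])
        for sig in sigs:
            if sig not in have:
                have.append(sig)
                added += 1
    return added


def is_revoked(cert: Certificate) -> bool:
    """True if a v4 key-revocation signature sits directly under the primary key."""
    return any(len(s) >= 2 and s[0] == 4 and s[1] == SIG_KEY_REVOCATION
               for s in cert.direct_sigs)


def _sig(sig_type: int, marker: bytes) -> bytes:
    return bytes([4, sig_type]) + marker  # constructed v4 signature body


# Constructed sample data (v4 key body: version, creation time, algo, MPIs).
PRIMARY = b"\x04\x5e\xc1\x00\x00\x16<constructed primary key>"
SUBKEY = b"\x04\x5e\xc1\x00\x10\x12<constructed subkey>"
LOCAL_CERT = (encode_packet(TAG_PUBLIC_KEY, PRIMARY)
              + encode_packet(TAG_USER_ID, b"Alice <alice@example.org>")
              + encode_packet(TAG_SIGNATURE, _sig(SIG_POSITIVE_CERT, b"uid-selfsig")))
# What a keyserver hands out when no UID is verified: primary, revocation, subkey.
STRIPPED_UPDATE = (encode_packet(TAG_PUBLIC_KEY, PRIMARY)
                   + encode_packet(TAG_SIGNATURE, _sig(SIG_KEY_REVOCATION, b"revocation"))
                   + encode_packet(TAG_PUBLIC_SUBKEY, SUBKEY)
                   + encode_packet(TAG_SIGNATURE, _sig(SIG_SUBKEY_BINDING, b"binding")))


def demo():
    local = build_certificate(LOCAL_CERT)
    update = build_certificate(STRIPPED_UPDATE)
    return local, update, merge_update(local, update)


if __name__ == "__main__":
    local, update, added = demo()
    print(f"update UIDs={len(update.user_ids)} merged={added} revoked={is_revoked(local)}")
```

The grouping step is where a GnuPG-style importer and this merge diverge: here a signature that follows the primary key with no User ID in between is kept in `direct_sigs` and merged, whereas the behaviour described above drops it once the key has no UID to attach it to.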
