On 05/11/2018 21:12, Juergen Bruckner wrote:
If I want an "independent" ID verification on my GPG key, I can also use
CAcert. There the signing of GPG keys is offered for a long time.
Signing is easy. The difficult part is 1) to create a system in which
you can prove that the key really belongs to the user specified in the
userID 2) to make contracts singed by verified key legally recognizable
and enforceable.
We are working on 1) and 2)
For 1) I mean the case when users has signed a document or contract, and
after that this user claims that the signature was not made by his key.
In such case, I think signing keys on 'key signing party' is not
reliable. There must be a known key verification procedure, and a
permanent repository of information and documents that were used to
verify the key.
And we actually not sign keys. From two reasons:
a. If you automatically trust the signing key, compromising the signing
key breaks the entire system.
b. In many countries, generating or signing cryptographic keys requires
a license. We create a system that should work the same way and legally
in all countries. And we do not sign key certificates. We only attach to
them information about the owner of the key, which the user manually
checks before adding this certificate to his list of trusted certificates.
Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net
best regards
Juergen
Am 05.11.18 um 18:03 schrieb Damien Goutte-Gattat via Gnupg-users:
Hi,
On Mon, Nov 05, 2018 at 05:13:41PM +0100, Juergen Bruckner wrote:
I just tried to register with a key who has several user-ID's
(e-mail-adresses) and I always got the error that the user-ID is not the
same as in log-in/registered e-mail.
From what they say on the home page [1] this is expected: your key is
supposed to have only one user ID whose email component must match
the email address of your Google account...
... which, by the way, is a big "no" for me. :/
Damien
[1] https://cryptonomica.net/#!/
To become member of Cryptonomica:
[...]
Public PGP Key should have one user ID with first name, last
name and user e-mail. E-mail in the key should be the same as in
Google account, that you use to login to Cryptonomica server.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
