On Fri, 2005-01-21 at 07:52 +0900, Georgi Georgiev wrote: > maillog: 20/01/2005-09:57:24(-0500): Chris Gianelloni types > > On Thu, 2005-01-20 at 14:11 +0900, Georgi Georgiev wrote: > > > > > To see what I mean -- gpg --refresh-keys [EMAIL PROTECTED] and verify the > > > signature of this message. The latest uid that I just created has no > > > name associated with it, so no need for an ID, right? I just need to > > > prove that [EMAIL PROTECTED] is my address, right? > > > > Say what? No. You would be signed that [EMAIL PROTECTED] is Georgi > > Georgiev and has the key ID 44F51266. > > Really? But I was talking about signing only the UID that has no name.
Why the hell would we do that? > > Adding another uid to the same > > key, with or without a name, won't change that. Also, when you sign, it > > asks you if you want to sign all the uid for the key. I would say "no" > > to that and only sign the one I have verified myself. > > Yes. So don't sign the UIDs that have names. Only the anonymous one. Again, we aren't out to try to circumvent the process, so your point is moot. We wouldn't sign the "anonymous" uid. -- Chris Gianelloni Release Engineering - Operational/QA Manager Games - Developer Gentoo Linux
signature.asc
Description: This is a digitally signed message part
