On Feb 26, 2010, at 4:03 PM, MFPA wrote: > Not including your name or your email address in the UID offers > protection against the accidental upload scenario. But somebody could > still generate a key with a UID suggesting nefarious activities, sign > your key with it, and upload it. Or their UID could simply identify > whose was the key with the obfuscated UID.
The nefarious UID signature is not uncommon. There are many "presid...@whitehouse.gov" keys (and other famous figures) that have signed well-known keys. It's just easily-ignored noise, though, and has no impact on the web of trust. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
