Robert J. Hansen <4fcc11f2.6050...@sixdemonbag.org> June 4, 2012 4:22:54 PM wrote:
[snip] > Also, if there are any questions you feel are missing, throw them out > too. Thank you! Section "4.7 How do I validate another person’s certificate?" does not deal with what one should do once she/he has signed another person's certificate (after completing the validation process). I believe the etiquette is that the signed key block should be returned to the certificate's owner, for her/him to do what he/she deems convenient, e.g. upload it to a keyserver. The signer himself/herself should not upload the sign key block to a key server, or publish it in any other way, without the certificate's owner explicit authorization or request. That may be hair splitting and not etiquette, but I believe the issue should be clarified. I have had at least two of my certificates signed by someone with whom I had never gone through any kind of validation process, or even discussed the possibility of such a process. The person just signed my certificate and uploaded it to a keyserver. End of rant. Charly. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
