On Tuesday 15 April 2008 at 15:05:45 Sven Radde wrote:
> Signing a new UID with the same key that was used to sign another UID
> proves that the same person that created the first UID created the
> second one.
> It does not prove that the person controls (or, is identified by) the
> second UID.
>
>
On Tuesday 15 April 2008 at 14:11:48 Sven Radde wrote:
> Stan Tobias schrieb:
> > If a public key has a UID1, which I already
> > trust, and a new UID2 is added, why can't I infer trust for the new uid?
> > (...)
> > So the
> > only person that could have added UID2 is the one that is in control of
On Tuesday 15 April 2008 at 12:39:43 Herbert Furting wrote:
> gpg uses a so called trust modell (there ary actually several
> different), where you can each UID/key an specific amount of trust.
> You can give:
> n Never trust this key.
> m Marginall
On Monday 14 April 2008 at 23:42:43 Herbert Furting wrote:
> If the new UID just contains a new email address, you should really
> check if the keyholder "controlls" that email address.
> You can do so, by sending him an encrypted challenge.
Ah, thanks, that makes sense. And then I can sign his ne
Thanks Herbert, David, for the quick replies.
On Monday 14 April 2008 at 22:50:46 Herbert Furting wrote:
> Trust and signatures are different things (of course they are
> connected).
>
> You can change the trust on the key with the "trust" command when
> editing his key.
Ah yes, thanks. So I have
Hi there,
Firstly, apolgies if this is a simple query. I didn't get the answer though
from reading the manual.
My friend and I signed each others' keys last week. However, since then he has
added another UID with his work email address to his key. This showed up in
my keyring when I sync'ed wi