-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Psy-Kosh wrote: > > > Not to mention that anyone can sign keys, independant of the will of the > key's owner. (I think a protocol to actually remove unwanted sigs from a > key may be useful. (ie, a way to have the removal propagated by the > keyservers)) For instance, a friend of mine apperently signed my key > with a couple nonsense keys he generated just to emphasize the point. > > Psy-Kosh
Yes, signatures on a key should probably be revokable by the keys owner. But it would take a newer version of the OpenPGP standard for this to happen. Anyway, a signature on a key means nothing whatsoever unless you happen to trust the key that issued the signature, so unless you countersigned the key that signed yours, there is a high degree of deniability. - -- Alphax OpenPGP key: 0xF874C613 - http://tinyurl.com/cc9up http://en.wikipedia.org/wiki/User:Alphax There are two kinds of people: those who say to God, 'Thy will be done,' and those to whom God says, 'All right, then, have it your way.' - C. S. Lewis -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCs6iN/RxM5Ph0xhMRAsvBAJ9Wxk3M98yP3gIHB5a6RnLZPi5K/wCfU/1c Rzr4P90t4u0sIhRTr314a+Q= =lFxc -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
