Hi, On Tue, Apr 15, 2008 at 12:42:43AM +0200, Herbert Furting wrote: > On Mon, 2008-04-14 at 23:20 +0100, Peter Lewis wrote: > > Ah yes, thanks. So I have now set the owner-trust for his key to "full", > > but > > still it says "unknown" for the other UIDs. So, I should manually set the > > trust for keys / UIDs that I think I trust based on who has signed them? > Sorry,.. I haven't read your initial post correctly. > As David said in the meantime new UIDs are of course _not_ recognised > automatically (a user could simply add a completely wrong name). You > have to sign the UID (better said, key+UID). > You should only do so, if the name is the same (or if you know that the > key holder goes by that name). > > If the new UID just contains a new email address, you should really > check if the keyholder "controlls" that email address. > You can do so, by sending him an encrypted challenge.
I remember Werner saying that this was just nonsense. Werner, can you correct me if I'm wrong? Best wishes Michael -- Free Software Foundation Europe (FSFE) [] (http://fsfeurope.org) Join the Fellowship of FSFE! [][][] (http://fsfe.org/join) Your donation powers our work! [] (http://fsfeurope.org/donate) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
