On Feb 26, 2010, at 4:03 PM, MFPA wrote: > Not including your name or your email address in the UID offers > protection against the accidental upload scenario. But somebody could > still generate a key with a UID suggesting nefarious activities, sign > your key with it, and upload it. Or their UID could simply identify > whose was the key with the obfuscated UID.
The nefarious UID signature is not uncommon. There are many "[email protected]" keys (and other famous figures) that have signed well-known keys. It's just easily-ignored noise, though, and has no impact on the web of trust. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
