On Wednesday 12 May 2010 20:29:18 Joel C. Salomon wrote:
> I generate two keys, one low-security (e.g., “Joel Salomon webmail”) and
> one high-security (“Joel Salomon smartcard”). I sign the low-security
> key with my high security key, but I don’t ask others to sign it; the
> only key I put into the web of trust is my high-security key.
>
> If the low-security key is compromised, can the attacker rename it (or
> otherwise fool people into thinking it’s my high-security key) without
> removing my (high-security) signature on the key?

The main problem is: How do people recognise your high security key as such? By the comment only?

The next problem: (AFAIK) You cannot prevent people from signing your keys.

Furthermore this feels a bit strange to me. The basic rule is: The more signatures, the better. And now a feature shall be based on avoiding signatures? :-S

CU

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
_______________________________________________
Gnupg-users mailing list
http://lists.gnupg.org/mailman/listinfo/gnupg-users
