-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Monday 17 May 2010 at 9:54:38 PM, in <mid:[email protected]>, Ingo Klöcker wrote: > The problem with > something like OpenPGP notations or anything else > that's not part of the User ID is that most people > will never see this information. Most people will only > see the user IDs (because that's the only thing the > applications they use show to them). That's a good point. Even if checking signatures, such things might not be shown to the user. > Another use case would be marking a key as deprecated. > First, you'd add a new user ID "This key is deprecated; > use key 0xAABBCCDD instead" (okay, I'm not really > using the comment field here) and then you'd revoke > the signatures on all user IDs. Of course, there are > other more appropriate ways defined in the spec to do > this, but IMHO putting the information right in the > users face is much more effective than hiding it in > some obscure fields. Presumably you would also make that User ID the primary one, so that it had maximum visibility (-; Of course, anybody gaining control of your secret key could do the same and suggest people used a key of their own creation instead... Hopefully your contacts would check the validity of the suggested replacement before encrypting to it. - -- Best regards MFPA mailto:[email protected] Vegetarian: Indian word for lousy hunter!!! -----BEGIN PGP SIGNATURE----- iQCVAwUBS/K4iaipC46tDG5pAQoN/gQAoQ+TXM0urtMfOAiWzaPNDaTFuRCMyowE 6ajH36t7l5RlBJnzyhaNmoe6uKmC8s953GF1aY6GnSIbp8GETmqJ71PsdvyuKYpD jvPY/YSUMBzXI5Qx/ts+ZQlqouUXlwxbahH7vb8kM+l51ncpmqQVSUU5xd0fjyuf WDV/QLH7cFE= =rL7+ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
