Am Fr 25.04.2014, 11:20:08 schrieb Peter Lebbing: > On 25/04/14 04:49, Hauke Laging wrote: > > Another point: > > Is it a good idea to use the same terms for both the key itself and > > user IDs? > > What do you mean? Validity (and it's proposed new form, authenticity) > refers to the coupling of a key and a User ID. It doesn't refer to > either thing by itself. Does it?
Of course, it does:
start cmd:> LANG=en gpg --edit-key 0x1a571df5 quit
pub 4096R/0x1A571DF5 created: 2012-11-04 usage: SCE
trust: ultimate validity: ultimate
This is a statement about the key, not about some UID.
Or:
start cmd:> gpg --with-colons --list-keys 0x1a571df5
pub:u:4096:1:BF4B8EEF1A571DF5:1351995465:1415197758::u:::escESCA:
uid:u::::
uid:u::::
uid:u::::
/usr/share/doc/packages/gpg2/DETAILS:
2. Field: A letter describing the calculated validity.
The key itself must have such a state for the simple reason that you can
select an encryption key via the UID but you (usually) cannot know
"which UID" has made a signature. You just know the (sub)key. The WoT is
calculated over key validities not over UID validities.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
