On Wed, Jun 24, 2009 at 3:14 AM, Daniel Kahn
Gillmord...@fifthhorseman.net wrote:
I think that misses a critical point; i want to use my OpenPGP key for a
variety of purposes both in and out of debian. I consider it a baseline
tool for managing my digital identity. While i'm happy to obey
On Wed, Jun 24, 2009 at 09:30:52AM +0800, Paul Wise wrote:
Would subkeys help in this scenario? (hint hint, some good docs about
real-world subkey usage are needed).
Subkeys cannot (to my knowledge) be used for certification (i.e. key signing).
At least not with stock gnupg.
Kind regards,
On 06/23/2009 12:34 PM, Manoj Srivastava wrote:
Frankly, recording the details of the verification performed is
a first step to improving the ability to assess the strength of the
link in the web of trust. A simple key sig is not enough, there could
be a formal process to add to the
On 06/23/2009 02:52 PM, martin f krafft wrote:
Additional metadata, e.g. number and expiration date would
be helpful.
This would certainly be useful from the smiting perspective, but might
raise privacy concerns if people don't want their passport number (or
whatever) bound to their OpenPGP