On 2013-09-14 at 20:46 -0500, John Clizbe wrote:
> 2) JimBob lsigns his own key, creating a non-exportable selfsig then delsigs
> all of the exportable selfsigs. This is shooting oneself in the foot. If we
> honor no-export on a selfsig, we create keys with UIDs that have no binding
> signature. THIS IS VERY VERY BAD. I think the RFC folks should probably have
> been more explicit on this case, but to be fair, it's probably a use case they
> did not anticipate.

I can see a use for this. If I'm creating a PGP-using role service, managed by several people, where the key needs to be online in the role account, I might want to avoid letting the service's own PGP key be something that others can import and provide signatures for. It's explicitly a service which can be set to trust other keys, but should not be trusted by other people. That key would probably have some lsigns on a few PGP keys belonging to the people who administer the service.

It's a decent way to declare that a key should not appear in public keyrings such as those in keyservers, while still being able to *use* PGP and automatically maintain trust paths.

I do *not* think that it is censorship for a keyserver to honour an attribute of a signature, where the attribute is covered by the signature. If a signature is marked 'local', honouring its own conveyed wishes is not censorship, it's discretion.

-Phil
_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel
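
The 'local' attribute discussed in this thread is the Exportable Certification subpacket (type 4) of RFC 4880. The check below is an added example, not part of the original message and not SKS code: it reads only the hashed subpacket area, since that is the part covered by the signature. All function names and sample packet bytes are constructed for illustration.

```python
# Added example: parses RFC 4880 v4 signature packet bodies; sample bytes are constructed.
EXPORTABLE_CERTIFICATION = 4  # subpacket type, RFC 4880 section 5.2.3.11

def iter_subpackets(area: bytes):
    """Yield (type, critical, data) for each subpacket in one subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:        # one-octet length
            length, hdr = first, 1
        elif first < 255:      # two-octet length
            length, hdr = ((first - 192) << 8) + int.from_bytes(area[i + 1:i + 2], "big") + 192, 2
        else:                  # five-octet length
            length, hdr = int.from_bytes(area[i + 1:i + 5], "big"), 5
        start = i + hdr
        if length < 1 or start + length > len(area):
            raise ValueError("malformed or truncated subpacket")
        yield area[start] & 0x7F, bool(area[start] & 0x80), area[start + 1:start + length]
        i = start + length

def hashed_area(sig_body: bytes) -> bytes:
    """Return the hashed subpacket area, the only part the signature covers."""
    if len(sig_body) < 6 or sig_body[0] != 4:
        raise ValueError("only v4 signature packets are handled")
    n = int.from_bytes(sig_body[4:6], "big")
    if 6 + n > len(sig_body):
        raise ValueError("hashed area runs past end of packet")
    return sig_body[6:6 + n]

def is_local(sig_body: bytes) -> bool:
    """True when a hashed Exportable Certification subpacket carries 0."""
    for typ, _critical, data in iter_subpackets(hashed_area(sig_body)):
        if typ == EXPORTABLE_CERTIFICATION:
            return data[:1] == b"\x00"
    return False  # subpacket absent: the signature is exportable by default

def make_sig_body(hashed: bytes, unhashed: bytes = b"") -> bytes:
    """Constructed test packet: structure only, no valid signature material."""
    head = bytes([4, 0x13, 1, 8])  # v4, positive certification, RSA, SHA-256
    return (head + len(hashed).to_bytes(2, "big") + hashed
            + len(unhashed).to_bytes(2, "big") + unhashed + b"\x00\x00")

CREATED = b"\x05\x02" + (1379209560).to_bytes(4, "big")  # constructed creation time
NON_EXPORTABLE = b"\x02\x04\x00"                          # length 2, type 4, value 0
LOCAL_SIG = make_sig_body(CREATED + NON_EXPORTABLE)
PLAIN_SIG = make_sig_body(CREATED)
UNHASHED_ONLY = make_sig_body(CREATED, NON_EXPORTABLE)    # flag not covered by the signature
```

A filter built on `is_local` would still need the guard John Clizbe describes: before dropping a local selfsig, confirm the UID keeps at least one exportable binding signature.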