Ted Unangst <[email protected]> wrote: > To that end, I think the comment should be marked as untrusted, and > signify should even check that it says untrusted. Hopefully this makes > it a little harder to con somebody into believing the comment actually > should be trusted.
I think somebody who can be conned into accepting a key will not understand or think about "untrusted comment". > (I'm also open to reconsidering whether keys should include > identifiers. Perhaps a random id created during key generation? Just > enough to say "you're using the wrong key.") I'm in favor. -- Christian "naddy" Weisgerber [email protected]
