On Mon, Jul 24, 2006 at 09:50:22PM +0100, Tony Whitmore wrote: > I'm still working on getting my card reader to work, but in the > meantime, I have a couple of questions regarding key-signing ettiquette > following a session at LUG Radio Live last weekend. I hope the questions > are not OT, I've checked the HOWTOs & FAQs, but there's some ambiguity > in them. > > First: Is a photo driving licence considered adequate identification? > I'm in the UK so we have UK / EU photo driving licences. I have > previously only used passports as ID, but some people were presenting > driving licences instead.
It depends on what *you* think. Some people do accept driver licences as adequate identification. Some don't. I do, for what it's worth. > Second: I've already had back some e-mails, encrypted with my public > key, with signatures attached ready for me to upload to a keyserver. I > usually use the procedure described at [1], which requires the > additional verification of the encryption, exchange and decryption of a > random amount of text before signatures are sent. Obviously I have to be > able to decrypt the e-mail successfully to access the signature they > have sent me, but is this considered a safe and appropriate way to sign > keys? No, it's not. Some people do it, though. Note that there is a difference between what page at http://www.hantslug.org.uk/cgi-bin/wiki.pl?LinuxHints/KeySigning says and what you say above. The page (correctly) notes that all that is necessary is that the person *sign* the challenge before sending it back to you. The page makes clear ("encrypted, if you like") that encryption is optional here, and adds little to what you are trying to prove. It doesn't matter if other people can read the signed challenge or not. Of course, it doesn't hurt to encrypt, so long as it is understood that it doesn't really help either. Take a look at the thread starting at http://lists.gnupg.org/pipermail/gnupg-users/2006-July/028949.html It has a pretty good discussions of various issues around keysigning. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
