Stan Tobias schrieb:
If a public key has a UID1, which I already
trust, and a new UID2 is added, why can't I infer trust for the new uid?
(...)
So the
only person that could have added UID2 is the one that is in control of
UID1 (supposedly, it's the same person). Why is there a need to check
anything?
Because you do not know whether the owner of UID1 is also the owner of UID2.
Let's say, someone trusts my key and my user-id on that key.
Now, I add another ID: "Stan Tobias <[EMAIL PROTECTED]>"...
No good idea to trust that without checking, is it?
cu, Sven
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
