On Tuesday 15 April 2008 at 14:11:48 Sven Radde wrote: > Stan Tobias schrieb: > > If a public key has a UID1, which I already > > trust, and a new UID2 is added, why can't I infer trust for the new uid? > > (...) > > So the > > only person that could have added UID2 is the one that is in control of > > UID1 (supposedly, it's the same person). Why is there a need to check > > anything? > > Because you do not know whether the owner of UID1 is also the owner of > UID2. > > Let's say, someone trusts my key and my user-id on that key. > Now, I add another ID: "Stan Tobias <[EMAIL PROTECTED]>"... > No good idea to trust that without checking, is it?
But isn't that the point of signing new UID's with the original one? Pete.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
