On 02/03/2011 05:22 PM, Jameson Rollins wrote: > On Thu, 03 Feb 2011 17:10:58 -0500, "Robert J. Hansen" <r...@sixdemonbag.org> > wrote: >> Zero. Comments don't get certified. All my signature means is I have >> met this person face to face, have seen two forms of government >> identification, have confirmed a fingerprint and exchanged an email at >> that address. There's nothing in my signature policy that addresses >> comments, nothing at all. > > I'm not sure I understand this comment. Certifications are over user > IDs. The comments are in the user IDs. By certifying the full user ID > you are also certifying the comment.
Just to clarify this point:
If i meet Robert in person, show him my gov't IDs, my fingerprint, and
we exchange e-mails, Robert would probably be fine certifying this User ID:
Daniel Kahn Gillmor <d...@fifthhorseman.net>
But i suspect he would not want to certify this User ID:
Daniel Kahn Gillmor (I am really Robert Hansen) <d...@fifthhorseman.net>
And he would be right to do avoid certifying it.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
