-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Monday 16 September 2013 at 7:57:04 PM, in <mid:52375480.7020...@dougbarton.us>, Doug Barton wrote: > I have another philosophy that works for me because I > prefer not to sign uids that are not valid. What, in your opinion, makes a UID "not valid?" > I send > encrypted e-mail to each uid with a pseudo-random > string and ask the person to send me back the string in > a signed message. That allows me to determine if the > person has control of all 3 elements of the uid; the > e-mail address, private, and public keys. I thought that as soon as a public key is published or shared, the person who created it no longer has control. - -- Best regards MFPA mailto:expires2...@ymail.com I would like to help you out. Which way did you come in? -----BEGIN PGP SIGNATURE----- iQCVAwUBUjdf3aipC46tDG5pAQpGWAP/TKN0sQ5ouAyfFeE7PMniShbBg9ipK+Jo /DGUI6htci0tZz2c5aEYuFYfZMh3unAUltF/0UbsZQ1DQx7cn6GUrRR1IC2DiIaI JzeYC5bYKWi1Wv+MONr6686Y4ucbkC7yhJ2bNnL5kHR1Ygfv0uwoug5TXHM/AGRO GT1Y2Srukuc= =wJtK -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
