Am Sa 12.10.2013, 00:53:30 schrieb Robin Kipp: > > "Robin Kipp (normal security level subkeys with offline mainkey)" > > This is something I'm not really sure about, for the reasons that Daniel > pointed out in his reply - putting in such a 'dummy UID' might confuse > someone wanting to sign my key, as it cannot be verified.
It is a very strange assumption that only such things should be certified that can be "verified". The certifier makes a statement. This is a) "I have seen a passport or similar document and compared that to the person I met" or b) "The person I met has claimed that the mainkey of this certificate is used in a secure offline environment only" What makes the one statement better than the other? You usually cannot prove that a certain person has shown you a certain passport-like document. And without a manual signature you cannot even prove that the person has claimed that a certain key belongs to him or her. The WoT will stay close to useless if we do not get a system for certifying such status information. And what do you lose if someone does not certify this UID? Nothing. On the other hand many people who were not aware of the feature learn that there is something called an "offline mainkey" and thus may learn something very important about crypto keys. > as I wouldn't want to sign someone else's key before > my knowledge and understanding is more mature. For that problem the local signature (lsign) was invented. > As for the preferred > keyserver, I think Daniel's comment on that makes sense. For example, I use > eu.pool.sks-keyservers.net, which links to a pool of servers rather than > just a single server. I'm not sure if putting in an address like that would > make sense at all… Robin I set eu.pool.sks-keyservers.net as the preferred keyserver for all keys which I create or help create. Why should that be a problem? Because we don't know whether some technical failure may occur? Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/ OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
