On Sun, Aug 16, 2015 at 04:26:16PM +0200, Stefan Claas wrote: > > What i meaned whith my initial post was that it should in the > future not be possible to sign someones pub key directly, to > prevent unwanted signatures. Sure one can revoke his/her pub > key, but how often would you like to do that if a "prankster" > has lot's of energy?
What harm do your see in "fake" signatures? There is a possibility of someone making your key excessively large to download by adding tons of signatures to it. If that happens, the correct place to fix it is probably the keyserver code. Your "signed signatures" proposal would not inherently eliminate this problem; Alice would still need to make a signature on Bob's key and upload it to the server in order to allow Bob to download and sign the signature. Is there any other problem arising from someone signing your key without "permission"? If you only want this for decluttering purposes, you will probably achieve something similar by only looking at mutually signed keys. It won't be exactly same, because the keys then have signed each other directly rather than each other's signature packets, but depending on your problem it may do the job for you. -- Einar Ryeng _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
