Under ‘security considerations’ the current WKD draft says: > The mail provider MUST make sure to publish a key in a way that only the > mail address belonging to the requested user is part of the User ID > packets included in the returned key. Other User ID packets and their > associated binding signatures NUST be removed before publication.
So if I have two email addresses/user IDs m...@my.org and m...@my.org associated with the same key, I cannot just export the key and publish it, right? I have to somehow publish two different ‘stripped’ public keys. Is there documentation somewhere how to produce the keys for both these user IDs with GnuPG? (I don’t think the Python generate scripts do this properly, or do they?) Cheers, -- David
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
