What exactly stops me, a person wanting to impersonate that user, from putting the same QR-Code I got from that public key into my own keypair?

On 7/14/21 5:45 AM, Стефан Васильев via Gnupg-users wrote:
if a person, within the EU, would put his COVID vaccination certificate QR-Code in his pub-key as photo-ID I would say that than another GnuPG user, within the EU, or maybe later in the U.S. and elsewhere too, would have the assurance, without that the public key is otherwise signed, that this pub key belongs to that
person.

On GitHub is a decoder available, which allows users to verify the digital signature
of such COVID certs, with trustlists from EU member states.

https://github.com/stapelberg/coronaqr

Regards
Stefan

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Attachment: OpenPGP_0x255837AEF812E87E.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to