ietf-openpgp

Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)

2003-07-17 14:52:25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"David Shaw" <dshaw(_at_)jabberwocky(_dot_)com> writes:
Allow me to restate the original problem that spawned this thread: It
would be nice to require self-signatures on user IDs.  We cannot do
that since an encrypt-only primary is unable to issue such a
self-signature.

It seems that we all agree that it would be "nice" to *require*
self-signatures.

So, as a solution, rather than ripping into the key construction
rules, why not just put in a line saying "user IDs and user attributes
SHOULD have a self-signature", and call it a day?

I think it's suitably "nice" to merit "ripping into" a key construction
rule that I have always thought was wrong.  Despite your attempts to
paint the current rule as cleaner, simpler, or more natural, I still
disagree -- I think the current rule is more convoluted.  It *is*
the current rule, though, and I understand that we'd be invalidating
some currently valid keys "with the swipe of a pen".  As you've noted,
no known software generates encrypt-only top-level keys (except perhaps
for testing).  Anyone with a usable signing key can generate a self-signature
to make any intended uids valid.  With those facts in mind, I'm quite
willing to take a swipe to correct a mistake.

Perhaps one of the original authors can offer some insight here.
Why was it important to allow encrypt-only "primary" keys?

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQA/AwUBPxcaN+c3iHYL8FknEQKIRwCeKmbyVMTXwb5uoiQjFZ8vud33I+gAoLCG
DXPnhQ0f/u9cqccD+/TTr+64
=il1i
-----END PGP SIGNATURE-----