ietf-openpgp
[Top] [All Lists]

Re: Signer's User ID

2005-07-21 06:20:55

On Thu, 21 Jul 2005 13:11:56 +0100, Ian Grigg said:

But it recalls to mind what we do in contract issuance.  In
our model, we add strings to every keyId in the chain.  These
"roles" then inform the software of how to prepare and check

This works well when using a new key for each role. 

Assuming you would add the rules as different UID to one key you can't
see from a signature which role/UID was used to sign the document.
The Signer's User ID is a solution to this; however it is far easier
to create separate keys.

to the users.  That's very important in legal work as anything
that hides intent in special packets leads to questions as to
whether the software was doing the right thing.

Agreed.


Salam-Shalom,

   Werner


<Prev in Thread] Current Thread [Next in Thread>