[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Jul 17, 2003 at 05:50:49PM -0400, Michael Young wrote:
> 
> "David Shaw" <dshaw@xxxxxxxxxxxxxxx> writes:

> > So, as a solution, rather than ripping into the key construction
> > rules, why not just put in a line saying "user IDs and user attributes
> > SHOULD have a self-signature", and call it a day?
> 
> I think it's suitably "nice" to merit "ripping into" a key construction
> rule that I have always thought was wrong.  Despite your attempts to
> paint the current rule as cleaner, simpler, or more natural, I still
> disagree

"Despite your attempts to paint the current rule"?  Yikes.  We're all
working towards the same goal here.  Remember who suggested dealing
with this in 2440bis.  If I liked the no-required-self-sigs status
quo, I wouldn't have brought it up.

Although it might seem I'm arguing against required self-sigs, I'm
actually fairly torn.  One problem is that combining this change with
the encrypt-only key change implies a number of subtle and not so
subtle changes, and I'm not (yet) convinced that this is the right
thing to do.

I understand that you see the removal of encrypt-only keys as an
advantage (as you seem to be arguing against encrypt-only keys almost
more than you are arguing for a required self-signature), but I don't
see things that way.

Despite what I said earlier in this thread, requiring self-sigs does
not depend on removing encrypt-only keys.  Since there seems to be
widespread agreement for the former, and not for the latter, perhaps
it would be better to resolve the self-sigs question and then discuss
encrypt-only keys as a suppurate issue.  Discussing the two issues tied
together seems to be leading nowhere.

I propose "Self-signatures are REQUIRED for all user IDs and user
attribute IDs on any key that has a primary capable of certification".
This handles the self-sig issue without changing the key construction
rules at all.

If there is consensus on this, then a different discussion can be
opened on the matter of encrypt-only keys.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iD8DBQE/F0RT4mZch0nhy8kRApWuAKC1nGMxvf6i26tMxHJ/gHZ3qMY6hQCfUO8V
CsPgFfLT2nQbuVAd4HA1ki0=
=qfjQ
-----END PGP SIGNATURE-----