<br><br><div class="gmail_quote">On Wed, Nov 30, 2011 at 10:52 AM, David Tomaschik <span dir="ltr"><<a href="mailto:david@systemoverlord.com">david@systemoverlord.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">On Wed, Nov 30, 2011 at 10:24 AM, Michael H. Warfield <<a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>> wrote:<br>
> Sorry for hitting the whole list with this but I haven't gotten a<br>
> response back from the E-Mail address in question. I only sent the<br>
> query out early yesterday afternoon so that's not wholly surprising.<br>
><br>
> What appears to be a "role key" was submitted to the ALE Keysigning<br>
> Party. Role keys are normally fine but the rules tend to be a little<br>
> different for verification, if the owner of that key wants them signed.<br>
> Usually, some proof of ownership (such as corporate papers for corporate<br>
> keys) or proof of authority is usually required. As one poster<br>
> mentioned, they only sign such keys with pseudonyms if they have a real<br>
> uid included on the key. I'll have to think about that criterion, since<br>
> you can always edit a key to remove a uid (subject to my comments in<br>
> another message) I'm not totally sure I would trust that, but maybe.<br>
><br>
<br>
</div>FWIW, if the key is already on the keyserver, deleting a UID is no<br>
good. All you can do is revoke the UID. While I don't object to<br>
pseudonymous keys, I will not trust them in my keyring, and will only<br>
sign them as "I have not checked at all." GnuPG asks what level of<br>
checking you have done when you sign a key with the following options:<br>
<br>
0. I will not answer. (default)<br>
1. I have not checked at all.<br>
2. I have done casual checking.<br>
3. I have done very careful checking.<br>
<br>
I normally select "2" for signatures from a keysigning event. I will<br>
sign with "very careful" checking for people whom I know personally or<br>
individuals who have provided 2 or more reasonable forms of<br>
identification.<br>
<br>
I *will not* under any circumstances sign UIDs that I feel are<br>
intentionally misleading. If Jim Kinney brings me a key with both his<br>
UID and a UID with the name "Mike Warfield" on it, I will not sign<br>
that key.<br></blockquote><div><br>dang. back to the evil genius drawing board.<br>Total World Domination postponed until further notice. <br><br>is this thing on?<br><br></div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<br>
I have also adopted Jeremy's practice of encrypting the signed key and<br>
sending it to (in my case) the first email address on the key. If I<br>
have concerns about a particular email address, I might instead choose<br>
that one.<br>
<br>
--<br>
David Tomaschik, RHCE, LPIC-1<br>
System Administrator/Open Source Advocate<br>
OpenPGP: 0x5DEA789B<br>
<a href="http://systemoverlord.com" target="_blank">http://systemoverlord.com</a><br>
<a href="mailto:david@systemoverlord.com">david@systemoverlord.com</a><br>
<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III<br><br>As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as
they please, and those who survive will be left to contemplate the
outcome.<br>- <i><i><i><i>2011 Noam Chomsky<br><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br></i></i></i></i><br>