so, like, what's to stop me from writing a program (based on pgp source code) which can delete user IDs from my own keys after other folks have signed them? in fact, how *can* i change the user ID on a key after it has been signed? the pgp docs are unclear on how this works. can someone help me to understand what it means exactly when a key is signed? what parts of the key are certified by the signature?