[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PGP Question:




Friday April 29 1994 01:52, Derek Atkins wrote:

 DA> From: Derek Atkins <[email protected]>
 DA> Subject: Re: PGP Question:
 DA> Message-Id: <[email protected]>
 DA> Date: Thu, 28 Apr 94 19:52:01 EDT

[edited]

 DA> The point is that someone shouldn't NEED to revoke their key if all
 DA> they are doing is changing their email address.

Right, that's the point indeed.

 DA> What if the binding of the userID is a result of a position that you
 DA> hold... For example, I am the owner of a company and I sign people's
 DA> identifiers, saying that they are employees of mine, and possibly what
 DA> their position is.  Now say I fire someone, I want to be able to
 DA> revoke my signature since the binding is no longer valid!  But I
 DA> shouldn't need to force them to generate a new key.

But here I disagree. Should one wish to use PGP to assert something *other*
than that a certain PGP public key really belongs to someone, then write a
message and sign *that*. I'm not sure if I really understand you here, your
phrasing ("people's identifiers") is a bit unclear.

CU,  Sico ([email protected]).

[PGP public key:]
bits/keyID   Date       User ID
1024/5142B9 1992/09/09  Sico Bruins <Fido: 2:280/404>
     Key fingerprint =  16 9A E1 12 37 6D FB 09  F6 AD 55 C6 BB 25 AC 25
                        (InterNet: [email protected])