At 10:33 PM -0700 6/12/97, William H. Geiger III wrote:
In , on 06/12/97 at 10:14 PM, Bill Frantz said:
If you have a version of the key with no signatures, then you can change the data field and re-sign with the associated secret key. Since the data field has changed, you properly need to have others re-verify the validity of the binding.
I don't think that any changes that he would make to his key would need re-verification provided that he signed those changes. Take the following scenario:
John Doe creates a key and signs it:
    pub  2048/FFFFFFFF 01/01/90 John Doe
    sig                         John Doe (0xFFFFFFFF)
Now 3 other people verify that the key does belong to John Doe and sign the key:
    pub  2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
    sig                         John Doe (0xFFFFFFFF)
    sig                         Mary Jane (0xAAAAAAAA)
    sig                         Tom Thumb (0x11111111)
    sig                         Tiny Tim (0xCCCCCCCC)
Now John adds an aka to his key and signs it.
    pub  2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
    sig                         John Doe (0xFFFFFFFF)
    sig                         Mary Jane (0xAAAAAAAA)
    sig                         Tom Thumb (0x11111111)
    sig                         Tiny Tim (0xCCCCCCCC)
    aka                         John Doe john.doe@who-is-it.com
    sig                         John Doe (0xFFFFFFFF)
Since John Doe is the only one who could sign the key with the new aka, one can assume that the aka is as valid as the original userid.
So if John Doe wants to be known as "president@whitehouse.gov" or "Tim May
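
The key listing from the scenario above, modelled to show what each signature covers. This is an added example, not part of the original thread: a PGP key certification is computed over the public key together with one specific user ID, so each signature is stored and checked per user ID. Assumptions: HMAC with a per-signer secret stands in for a public-key signature so the code runs on the standard library alone, and the key bytes, secrets and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed stand-ins: one HMAC secret per signer replaces a real key pair.
SECRETS = {"John Doe": b"k-john", "Mary Jane": b"k-mary",
           "Tom Thumb": b"k-tom", "Tiny Tim": b"k-tim"}
KEY_MATERIAL = b"constructed public key bytes for 0xFFFFFFFF"
UID = "John Doe john.doe@anonymous.com"   # original user ID from the listing
AKA = "John Doe john.doe@who-is-it.com"   # aka added later by the key owner

def cert_digest(key_material, user_id):
    """Digest a certification covers: the key AND exactly one user ID."""
    uid = user_id.encode()
    h = hashlib.sha256()
    h.update(len(key_material).to_bytes(4, "big") + key_material)
    h.update(len(uid).to_bytes(4, "big") + uid)
    return h.digest()

def certify(signer, key_material, user_id):
    digest = cert_digest(key_material, user_id)
    return hmac.new(SECRETS[signer], digest, hashlib.sha256).digest()

def verify(signer, key_material, user_id, sig):
    return hmac.compare_digest(certify(signer, key_material, user_id), sig)

def build_keyring():
    """Recreate the final listing: four signatures on UID, one on AKA."""
    ring = {UID: {}, AKA: {}}
    for signer in ("John Doe", "Mary Jane", "Tom Thumb", "Tiny Tim"):
        ring[UID][signer] = certify(signer, KEY_MATERIAL, UID)
    ring[AKA]["John Doe"] = certify("John Doe", KEY_MATERIAL, AKA)
    return ring

def third_party_certifiers(ring, owner="John Doe"):
    """Per user ID, the signers other than the owner whose signature verifies."""
    return {uid: sorted(s for s, sig in sigs.items()
                        if s != owner and verify(s, KEY_MATERIAL, uid, sig))
            for uid, sigs in ring.items()}

def transplant_ok(ring, signer, from_uid, to_uid):
    """Does a signature made over one user ID verify against another?"""
    return verify(signer, KEY_MATERIAL, to_uid, ring[from_uid][signer])

if __name__ == "__main__":
    ring = build_keyring()
    for uid, signers in third_party_certifiers(ring).items():
        print(uid, "->", signers or "self-signature only")
    print("Mary Jane's signature moved to the aka verifies:",
          transplant_ok(ring, "Mary Jane", UID, AKA))
```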