Friday April 29 1994 01:52, Derek Atkins wrote: DA> From: Derek Atkins <warlord@MIT.EDU> DA> Subject: Re: PGP Question: DA> Message-Id: <9404282352.AA07123@toxicwaste.media.mit.edu> DA> Date: Thu, 28 Apr 94 19:52:01 EDT [edited] DA> The point is that someone shouldn't NEED to revoke their key if all DA> they are doing is changing their email address. Right, that's the point indeed. DA> What if the binding of the userID is a result of a position that you DA> hold... For example, I am the owner of a company and I sign people's DA> identifiers, saying that they are employees of mine, and possibly what DA> their position is. Now say I fire someone, I want to be able to DA> revoke my signature since the binding is no longer valid! But I DA> shouldn't need to force them to generate a new key. But here I disagree. Should one wish to use PGP to assert something *other* than that a certain PGP public key really belongs to someone, then write a message and sign *that*. I'm not sure if I really understand you here, your phrasing ("people's identifiers") is a bit unclear. CU, Sico (sico@aps.hacktic.nl). [PGP public key:] bits/keyID Date User ID 1024/5142B9 1992/09/09 Sico Bruins <Fido: 2:280/404> Key fingerprint = 16 9A E1 12 37 6D FB 09 F6 AD 55 C6 BB 25 AC 25 (InterNet: sico@aps.hacktic.nl)