Page MenuHome GnuPG

GnuPG should generate a direct-key signature to constrain the primary key, and convey preferences and features
Closed, WontfixPublic


Currently, primary key constraints, preferences and features are only expressed using the binding signatures of userids. However, this is problematic in case they are stripped to enhance the privacy of users.

Simply also emitting a direct-key signature whenever a key is created, or primary key constraints, preferences or features are updated, ensures that other clients have a consistent view even if (some) userids are stripped. Also emitting a direct-key signature should not cause problems with implementations.