From 02baf74cf1cfeceb81b93c3bc284f107af3c2f19 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@sequoia-pgp.org>
Date: Thu, 25 Nov 2021 14:55:22 +0200
Subject: fix: avoid suggesting to remove sensitive userids

Instead, avoid adding them. Suggest separate keys instead.
---
 sq-guide.md | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/sq-guide.md b/sq-guide.md
index e954b71..2069c86 100644
--- a/sq-guide.md
+++ b/sq-guide.md
@@ -763,11 +763,16 @@ as Facebook, Twitter, Mastodon, or GitHub; publish a photo of it on
 a photo sharing site; print it on business cards. We'll cover more
 options later in the chapter on managing keys in a community.
 
-A caveat: a certificate does contain all the user ids on your key, so
-if any of those is not public information you may want to remove them
-from your key before extracting the certificate. You may want to have
-an entirely separate key for that. User ids are tied to the primary
-key, subkeys inherit them from their primary.
+User ids are tied to the primary key, subkeys inherit them from their
+primary.
+
+A certificate should only contain User IDs for identities that you
+want linked together. If you want to compartmentalize your online
+identities, then you should use a separate certificate for each set of
+pseudonyms, which should be separate from the others. For instance,
+you might have one certificate for your activities as an activist, and
+another for your normal, day-to-day activities.
+
 
 # Using digital signatures
 
-- 
cgit v1.2.1