Comment fields in the User ID [was: Re: Help me to import my secret key please]

MFPA expires2010 at ymail.com
Tue May 18 19:40:25 CEST 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Monday 17 May 2010 at 8:11:41 PM, in
<mid:4BF194ED.7050001 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:


> I've been asking myself the same question; i haven't
> come up with a clear answer.  The closest i've come is
> when someone uses the comment field to state an
> organizational affiliation specifically for use with
> that key, to differentiate from another key, such as:

>  0xDECAFBAD   Maria Lopez (Foo Corp. Administrator)
>  <maria at foocorp.example>

>  0xDEADBEEF   Maria Lopez (Personal Use)
>  <maria at lopez.example>


That can be a useful, but doesn't really need the "comment" field; it
could just be typed as part of the person's name. Some would argue
that the "role" was part of the individual's identity; the same
individual in a different context is effectively a different identity.
I support that theory, but am mindful of a person's disparate
identities being more like a stew (where each ingredient affects the
others) than a series of discrete sausages.



> Even these messages might be better stored some other
> way, though.  For example, as OpenPGP notations in the
> self-signature.

"Better" as in "more elegantly." But also less visibly. I don't really
see how these messages would be handled as an OpenPGP notation; would
you envision them simply being displayed? I don't see a meaningful way
an implementation could act on the information except to await user
input.



> What do you think?  When are comments in the User ID
> field actually useful?

I think they are only useful for telling keys apart at-a-glance in a
list or GUI. And then, only when the comment is on the primary UID.


- --
Best regards

MFPA                    mailto:expires2010 at ymail.com

Roses smell better than onions but don't make such good soup
-----BEGIN PGP SIGNATURE-----

iQCVAwUBS/LREaipC46tDG5pAQqw0gQAvPFRviWJHepfUeU+1NGHFhajY03/AyMg
CqNSmvYfOandKszaz7CymKPlWPySan6GBvyKK2z/ZM8YiwHgZkBHINX6EcJguVVy
Snu6KrCG5Y02kbOLSOPSLIL9wchzT97KcOqb5J+0AcqGAwMPFLcHhOvjixCROV4N
AzdOBnUkFeU=
=fvc9
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list