User Ids without email address
Huels, Ralf SCORE
Ralf.Huels@schufa.de
Mon Mar 24 08:32:02 2003
Ingo Kl=F6cker wrote:
> So in order to avoid the loss of trust chains because of no=20
> longer used resp. lost email addresses it seems to make sense to
> add a user id without email address to each key.
I have a UID on my keys that contains only my name, date and
place of birth:
uid Ralf Huels (born 1967-06-21 in Muelheim/Ruhr, Germany)
As you probably know, this (together with the name at birth=20
where appropriate) is considered to uniquely identify a person=20
according to german census and is easily verified with most=20
pieces of official german ID.
> Are there reasons not to add a user id without email address?
I don't see any. When signing a UID like that you should check
carefully for a self-signature, I guess. There's no other way=20
to check whether the person described by the UID has control
over the secret key as you can't send a challenge.
Tschuess,
Ralf