User Ids without email address

Ingo Klöcker ingo.kloecker@epost.de
Wed Mar 26 01:31:01 2003


--Boundary-02=_zfNg+EUdxtMjBhC
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Monday 24 March 2003 08:34, Huels, Ralf SCORE wrote:
> Ingo Kl=F6cker wrote:
> > So in order to avoid the loss of trust chains because of no
> > longer used resp. lost email addresses it seems to make sense to
> > add a user id without email address to each key.
>
> I have a UID on my keys that contains only my name, date and
> place of birth:
> uid  Ralf Huels (born 1967-06-21 in Muelheim/Ruhr, Germany)
>
> As you probably know, this (together with the name at birth
> where appropriate) is considered to uniquely identify a person
> according to german census and is easily verified with most
> pieces of official german ID.

I don't think I would add more personal information than my name to a=20
UID of my keys. Of course it's not unique (and in fact there is already=20
a key of a name twin of mine; but his UID is mangled because he used=20
PGP to create it), but I really don't feel comfortable about releasing=20
more information about me to the public than necessary.

> > Are there reasons not to add a user id without email address?
>
> I don't see any. When signing a UID like that you should check
> carefully for a self-signature, I guess. There's no other way
> to check whether the person described by the UID has control
> over the secret key as you can't send a challenge.

And therefore such a key would only get a level 2 signature from me. But=20
in the wild such keys will most likely have an additional user id with=20
an email address. And this can be used to send a challenge.

Regards,
Ingo


--Boundary-02=_zfNg+EUdxtMjBhC
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA+gNfyGnR+RTDgudgRAlllAJ9B8/a6alXbiBW1ZYoZoZZvKvZFPgCg1cy0
qIKDok+/QefwLABCSPiyRns=
=GcxJ
-----END PGP SIGNATURE-----

--Boundary-02=_zfNg+EUdxtMjBhC--