Opportunistic Encryption [Was: Keys not trusted]

Jason Harris jharris@widomaker.com
Wed May 14 18:43:02 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 14, 2003 at 08:36:54AM -0500, Mark H. Wood wrote:
> On Tue, 13 May 2003, Jason Harris wrote:

> > The WoT doesn't cease to exist for "anonymous" keys.  In fact, it
> > becomes purer.  If you don't have a trust path to an "anonymous" key,
> > you can't even put any trust into it based on a name or email address
> > that you might be willing to trust.
> I need a little help here.  What, exactly, would an "anonymous" key
> *mean*?  To what would a document signed by such a key be bound, and why
> would I care?

It depends on your signature path to the key.  If you have one hop
through a trusted friend who knows the keyholder and will tell you
lots of things about the keyholder except their name and email
address, you might not care that you don't know the person's real name.
A signature from the keyholder would be just as useful as one from
someone your friend knows who put their name on their key.

If you have 4 hops to the key but you wore masks at the keysigning
that established the signature path and you know that the "secret
society" that held the keysigning is really strict about proper PGP
usage, you can be pretty sure the keyholder is a member.

Also read:


where it starts talking about "software written pseudonymously."

> (I'm always swimming against the current.  While it seems everyone else
> wants to become invisible, I've been wondering how to go about getting
> really high-quality identity documents, both paper and electronic.  I
> *want* to be well-known, *on my terms*.)

Typically governments issue "paper" identity documents to you (birth
certificate, SSN card, driver's license, passport).  You then use a
DL and/or passport at PGP keysignings (see my website) to prove to
others that your paper identity matches your electronic one.

Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web:  http://jharris.cjb.net/

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (FreeBSD)