newbie question about identities

Eugene Smiley eugene@esmiley.net
Fri Oct 3 20:21:01 CEST 2003


This is a cryptographically signed message in MIME format.

--------------ms000708070104060603080308
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Atom 'Smasher' wrote:
>>Um, I don't remember seeing that or getting that impression, but if
>>you can quote the section (and even rewrite it) I'm sure the doc
>>maintainers would be interested...
>
> ==============================================
> http://www.gnupg.org/gph/en/manual.html#AEN282
>
> 		Adding and deleting key components
>
> 	Additional user IDs are useful when you need multiple identities.
> 	For example, you may have an identity for your job and an identity
> 	for your work as a political activist. Coworkers will know you by
> 	your work user ID. Coactivists will know you by your activist user
> 	ID. Since those groups of people may not overlap, though, each
> 	group may not trust the other user ID. Both user IDs are therefore
> 	necessary.
>
> that's the part in the handbook that seems to imply that it's OK to just
> add an identity to an existing key-pair, and everything will work
out fine.
> as i'm having my suspicions confirmed by the responses, that is not
quite
> fine when identities have to be hidden from each other, although it is
> fine if the identities do not (socially) conflict with each other.

Here's the part that you are missing though: "each group may not trust
the other user ID. Both user IDs are therefore necessary," (if you
want both groups to trust both UIDs). It's all about the trust. In
your case you don't care about the trust. The trust would be
detrimental in that case.

> maybe illustrating the concept of multiple UIDs (with one key-pair)
using
> an employee and an activist is the problem...

It would be valid if you were an activist in the same area as your
job, but not as an antagonist, e.g. a radio personality who also works
as a lobbyist for the Recording Industry. It would be valid for any
number of combinations, EXCEPT when the two (or more) identities
conflict, as you say.

> i think there should be some explicit mention in the handbook that any
> identities sharing a key-pair can easily be associated with each other,
> and if two (or more) identities have to remain isolated from each other
> they MUST NOT share a key-pair. in the current version of the manual
(1.1)

... SHOULD NOT, actually ...

> i don't see anything that explains that, but the example of the
> employee/activist really seems misleading....
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-nr2 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/fbBw6QPtAqft/S8RAiYTAJ9hdpXAqxBzuA/BQmtwMbLi2xI1mQCgi29I
kuO34sjyDGc6jSUsZjrBRxY=
=4bjN
-----END PGP SIGNATURE-----

--------------ms000708070104060603080308
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJzjCC
AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV
BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG
A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj
ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG
CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw
MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD
YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy
dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw
LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ
gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd
knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp
AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS
BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH
XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M
G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp
h39Ins6ln+eE2MliYq0FxjCCA0UwggKuoAMCAQICAwpcNzANBgkqhkiG9w0BAQQFADCBkjEL
MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du
MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD
VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAzMDcxNjE4MDM1MVoX
DTA0MDcxNTE4MDM1MVowYzEPMA0GA1UEBBMGU21pbGV5MRIwEAYDVQQqEwlULiBFdWdlbmUx
GTAXBgNVBAMTEFQuIEV1Z2VuZSBTbWlsZXkxITAfBgkqhkiG9w0BCQEWEmV1Z2VuZUBlc21p
bGV5Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMP+Nt46kXLdVxRRG9q2
k+Bxhvh3oelkBlCaIJXH+hr/FMl4GTWBXGc0wAXcHm2fRPJHnxVtHVEK/P/OLtvvv7gBrK3J
+3/VrB8SU9KlGb+dxqQFRc7y3keKkb+jgVnlYB9snQeaLeRkgItSR8iwVOPZg6QZ02GevxtO
AEF12cWhdIWYWeLCquMRztPwt0wY6iQo0AyBUBPpfLfJveINobKonPTV5QLdrs68YUHYr0dj
cl53gMpqSSzTHLcrna04mcC5s8GXQBjJ+cKOvDRVkVXYZ4rYxgMPeJ4njB72RSs+ABL6gAII
kc1tc4PQlwgwXk/XNIcCCQg2NnJ3GghvJOcCAwEAAaNTMFEwDwYDVR0PAQH/BAUDAwfpgDAR
BglghkgBhvhCAQEEBAMCBaAwHQYDVR0RBBYwFIESZXVnZW5lQGVzbWlsZXkubmV0MAwGA1Ud
EwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAUWKZs1Q+SPOXSGSFlm2v7kjFdC+HFnCqB1bP
oCdVvnrK+sTQICA/yBciKm4O3zW02I+lCsJ4ZhBnjmforqmRjd9xZNfBY/4JbZRy2rzPkkvs
dQV9ztduqv4A0rNU7Nmq7lTv1cg3o8PEl6FhR5V2m9kMiAJMaVCTOekGlPOlhB4wggNFMIIC
rqADAgECAgMKXDcwDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxX
ZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD
VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg
UlNBIDIwMDAuOC4zMDAeFw0wMzA3MTYxODAzNTFaFw0wNDA3MTUxODAzNTFaMGMxDzANBgNV
BAQTBlNtaWxleTESMBAGA1UEKhMJVC4gRXVnZW5lMRkwFwYDVQQDExBULiBFdWdlbmUgU21p
bGV5MSEwHwYJKoZIhvcNAQkBFhJldWdlbmVAZXNtaWxleS5uZXQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDD/jbeOpFy3VcUURvatpPgcYb4d6HpZAZQmiCVx/oa/xTJeBk1
gVxnNMAF3B5tn0TyR58VbR1RCvz/zi7b77+4Aaytyft/1awfElPSpRm/ncakBUXO8t5HipG/
o4FZ5WAfbJ0Hmi3kZICLUkfIsFTj2YOkGdNhnr8bTgBBddnFoXSFmFniwqrjEc7T8LdMGOok
KNAMgVAT6Xy3yb3iDaGyqJz01eUC3a7OvGFB2K9HY3Jed4DKakks0xy3K52tOJnAubPBl0AY
yfnCjrw0VZFV2GeK2MYDD3ieJ4we9kUrPgAS+oACCJHNbXOD0JcIMF5P1zSHAgkINjZydxoI
byTnAgMBAAGjUzBRMA8GA1UdDwEB/wQFAwMH6YAwEQYJYIZIAYb4QgEBBAQDAgWgMB0GA1Ud
EQQWMBSBEmV1Z2VuZUBlc21pbGV5Lm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUA
A4GBAFFimbNUPkjzl0hkhZZtr+5IxXQvhxZwqgdWz6AnVb56yvrE0CAgP8gXIipuDt81tNiP
pQrCeGYQZ45n6K6pkY3fcWTXwWP+CW2Uctq8z5JL7HUFfc7Xbqr+ANKzVOzZqu5U79XIN6PD
xJehYUeVdpvZDIgCTGlQkznpBpTzpYQeMYID1TCCA9ECAQEwgZowgZIxCzAJBgNVBAYTAlpB
MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMG
VGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29u
YWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDClw3MAkGBSsOAwIaBQCgggIPMBgGCSqGSIb3
DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAzMTAwMzE3MjI1OFowIwYJKoZI
hvcNAQkEMRYEFJPqBmAEhv8HOrWxIatloeZnmxePMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZI
hvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3
DQMCAgEoMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxX
ZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD
VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg
UlNBIDIwMDAuOC4zMAIDClw3MIGtBgsqhkiG9w0BCRACCzGBnaCBmjCBkjELMAkGA1UEBhMC
WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQK
EwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJz
b25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMKXDcwDQYJKoZIhvcNAQEBBQAEggEATSu2
XLtJXDrk4C06iteaVUgyLbfOvouqFPOWVZKIZyuN6FjXynTgQACckixhCuU91Il4fFR8gX5a
Lz4a9O3mm9/YWe8FS38uHlM0Iaj7QtTn0iXVlsffpM0sduVfQLIntvzPYVNkZasHeu0nahAS
3YRv7jXxbvedIifG7sdmZBMokHgoOaRU0ABJx6ygcTsY5jizj5zd+wOXivtXbOCZADZ2xVYa
NzN0wLVeKx9Zi4ZPhZUaIHn4Aej8PFKK8ymnngBSuK02dszoMZKR2CHPNST2AsThAxPHKl4D
rBkZsXgK6KGoQ1nVdJZ7zpEccvDQYVPXrCOfXLbs5ZCqBdMMaAAAAAAAAA==
--------------ms000708070104060603080308--





More information about the Gnupg-users mailing list