Photo-ID: questions

Neil Williams linux at
Fri Feb 20 23:55:59 CET 2004


On Thursday 19 February 2004 1:18 pm, Ruediger Kupper wrote:

I didn't get a photo UID in the key used to sign your message (and I use a 
keyserver that supports photos and subkeys) - is this a different key you are 
using for photos?

> pixels), e.g. 100x130. What arguments are there for the former or
> the latter?

If you want to use an image it should at least be recognisable, so larger is 
better than pixelated.

> 2. In general, should one use photo IDs at all? Do they increase
> security or ease the process of key validation? Couldn't they fool

I don't see that a photo UID aids key validation at all - key validation is 
all about exchanging key fingerprints face-to-face and verifying email 
addresses/UIDs by correspondence and passports etc. A photo UID is just 
another UID to verify on the key - it's the key that is the most important 
verification step. Having the photo on the key doesn't help much - (excluding 
any previous knowledge/contact) I'd still need some 'official' photo ID from 
a trustworthy / government third party source before I could verify that you 
are who you say you are. Without that first step, I'd never sign your key.

Photos are a nice feature - with the expected drawback of an increase in the 
size of the public key - but personally I don't see how they increase 

> 3. In addition to my portrait, I have included the jpeg of my
> handwritten signature into my key (e.g. to provide a means to

Odd. Aren't you concerned that this will be used against you? If someone gets 
hold of your home postal address (perhaps from a WHOIS query on a personal 
domain), this could be a step in identity theft? OK, identities are stolen 
without handwriting signatures but that usually involves using a separate 
account/setup - if they had a real signature on which they could spend loads of 
time perfecting their hand-written copy, identity theft could progress to 
real theft from your real accounts? I'd agree there are probably easier ways 
but, personally, I am surprised that you've done this.

> validate my signature on paper documents, provided you have a
> trusted copy of my GPG key). Is this a reasonable thing to do or is

It doesn't have to be trusted - if it's on your public key, anyone gets a 
picture of your handwritten signature. Whether they trust your key doesn't 
affect the ability to copy the handwriting.

> it complete nonsense? Do I miss any security issue here, or does
> this contradict the intended use of photo IDs? Again, anybody could
> have scanned my signature from any paper document that I have
> signed, so this, too, does serve as an authentication feature).

That depends on how many signed paper documents you leave lying around. Your 
public key is very public and worldwide accessible - it's not as if someone 
has to have access to some paper documents in one specific geographic 

Plus it adds to the feeling that people will end up signing your key after 
merely verifying the photo and the signature image. My key has already been 
signed by people I've never met or even had any correspondence with - complete 
strangers don't bother to verify me and still sign my key at sig3. I've even 
emailed one or two but I never get a response. If anyone thinks they will 
get their key signed by signing mine without verification, they will be 
disappointed. I don't see what people gain by this but there's probably a 
misunderstanding of the web of trust at the core of it. I dare say Werner and 
others get a lot more of these signatures. Once on a keyserver, there's 
little point in pursuing the matter.

-- 

Neil Williams
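The key-inspection step the message above keeps coming back to, as an added example that is not part of the original post: a small Python parser for `gpg --with-colons --list-keys` output that pulls out the fingerprint (the thing to compare face-to-face), the textual user IDs (verified by correspondence and identity documents) and the photo user attributes with their byte sizes, which shows the size cost of photos and keeps them separate from the parts that actually get verified. The listing embedded below is constructed for illustration; the key ID, fingerprint, hashes and address are made up. The record layout is gpg's own documented colon-separated format (`pub`, `fpr`, `uid`, `uat`, `sub` records).

```python
"""Summarise the user IDs on an OpenPGP public key from `gpg --with-colons`.

Added example for the discussion above; not code from the original message.
SAMPLE_LISTING is constructed (key ID, fingerprints, hashes and address are
made up) but follows gpg's documented --with-colons record layout:

  pub  record: field 3 is the key length in bits, field 5 the key ID
  fpr  record: field 10 is the full fingerprint (primary key first,
               subkey fingerprints follow their sub records)
  uid  record: field 10 is the textual user ID
  uat  record: field 10 is "<subpacket count> <total bytes>" for a
               user attribute (photo) ID
"""
from dataclasses import dataclass, field

SAMPLE_LISTING = """\
pub:u:2048:1:ABCDEF0123456789:1077297359::-:::scESC::::::
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1077297359::A1B2C3D4E5F60718293A4B5C6D7E8F9001122334::Example User <user at example.org>::::::::::0:
uat:u::::1077297359::B2C3D4E5F60718293A4B5C6D7E8F9001122334A1::1 3241:::::::::0:
uat:u::::1077297359::C3D4E5F60718293A4B5C6D7E8F9001122334A1B2::1 18206:::::::::0:
sub:u:2048:16:0123456789ABCDEF:1077297359::::::e::::::
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
"""


@dataclass
class KeySummary:
    key_id: str = ""
    bits: int = 0
    fingerprint: str = ""
    uids: list = field(default_factory=list)         # textual user IDs
    photo_sizes: list = field(default_factory=list)  # bytes per photo UID


def parse_colon_listing(text: str) -> KeySummary:
    """Walk the colon-separated records of one key and collect what matters
    for validation: the primary fingerprint, the textual UIDs, the photo UIDs."""
    summary = KeySummary()
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        rec = fields[0]
        if rec == "pub":
            summary.bits = int(fields[2])
            summary.key_id = fields[4]
        elif rec == "fpr" and not summary.fingerprint:
            # first fpr record is the primary key; later ones are subkeys
            summary.fingerprint = fields[9]
        elif rec == "uid":
            summary.uids.append(fields[9])
        elif rec == "uat":
            _count, total_bytes = fields[9].split()
            summary.photo_sizes.append(int(total_bytes))
    return summary


def format_fingerprint(fpr: str) -> str:
    """Group the 40 hex digits in fours, the way gpg prints them, so the
    fingerprint can be read out and compared in person."""
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))


def validation_checklist(summary: KeySummary) -> list:
    """What a signer still has to verify, whatever photos are on the key."""
    lines = [
        f"key {summary.key_id} ({summary.bits} bits)",
        f"verify fingerprint in person: {format_fingerprint(summary.fingerprint)}",
    ]
    for uid in summary.uids:
        lines.append(f"verify by correspondence/ID document: {uid}")
    for size in summary.photo_sizes:
        lines.append(f"photo UID of {size} bytes: public to anyone, proves nothing by itself")
    lines.append(f"photo data adds {sum(summary.photo_sizes)} bytes to the public key")
    return lines


if __name__ == "__main__":
    for line in validation_checklist(parse_colon_listing(SAMPLE_LISTING)):
        print(line)
```

Run it against a real key with `gpg --with-colons --list-keys <keyid> | python3 thisfile.py` after swapping the sample for `sys.stdin.read()`; the `uat` sizes are what grow the exported key, and nothing in a `uat` record is something you can verify without meeting the person or seeing official ID.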

