key-signing for pseudonyms

Greg Sabino Mullane greg at
Mon May 17 04:06:32 CEST 2004

Hash: SHA1
> what if i was personally introduced to you as "atom smasher"? what if i
> was introduced by someone who we've both personally known for years? what
> if i was speaking at a conference, and identified as "atom smasher"?
I don't think that would be enough personally for me. I really like to
tie it into some legal form of identification. That's what my signatures
mean to me: I have verified that this person is who they say they are, and
they are in control of the email corresponding to the uid(s) that I
have signed. Other people's signatures may mean something different.
I am hard pressed to come up with circumstances where a person I meet
in person still insists on a pseudonym and has no "real name" uid. If there
were extenuating circumstances however, I would probably sign it at
"level 2" with a unique policy url stating why the person has no real
name and why I signed it anyway. It's really on a case by case basis: I'm
sure if you gave more specific examples, people could tell you what they
would do.
>> * Nor do they get it unless they sign mine as well!
> ~someone~ has to go first, right?
Not if you are using the Biglumber key exchange service! If you are logged
in to Biglumber, just hit the link and upload a signed copy of the other
person's key. When they upload your key signed by them, Biglumber mails
you both a copy of your signed keys.
- --
Greg Sabino Mullane greg at
PGP Key: 0x14964AC8 200405162205

More information about the Gnupg-users mailing list