key-signing for pseudonyms

Atom 'Smasher' atom-gpg at
Mon May 17 15:53:48 CEST 2004

Hash: SHA1

On Mon, 17 May 2004, Adrian 'Dagurashibanipal' von Bidder wrote:
> On Saturday 15 May 2004 08.05, Atom 'Smasher' wrote:
> > what happens, though, when one uses a pseudonym, alias, or "hacker
> > name" as the name in their pgp key?
> My policy is: I only sign
>  - photo ids where the photo matches the person
>  - userids with full name
> everything else doesn't really make sense for general keysignings.

i've got 2 UIDs. if i add a photo (and we met in person), would you sign
all UIDs, or just the photo? what are the variables one might consider?

> There may be exceptions, these are considered on a case-by-case basis.

any examples of what those special cases might involve?


On Mon, 17 May 2004, Kyle Hasselbacher wrote:
> On Sat, May 15, 2004 at 12:25:11PM -0400, Atom 'Smasher' wrote:
> >let's say i meet someone and their key-name is a pseudonym. we want to
> >sign each others' keys, but i have no idea who this person is.
> >[protocol] when the signature appears publicly, can
> >there be much doubt that i'm dealing with the same person i met?
> J. Random Celebrity wants anonymity.  Celebrity sends J. Random Flunky to
> meet you with the right fingerprint.  Later, Flunky gives Celebrity the
> "secret" you generated with Flunky in person.  In this scenario, you've
> been duped into signing a key that belongs to someone you never met.

the good old man-in-the-middle.... can this be resolved with a photo? of
course, a celebrity can use a double to participate in the meeting...


 PGP key -
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

	"Who controls the past controls the future.
	 Who controls the present controls the past."
		-- George Orwell
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -


More information about the Gnupg-users mailing list