key-signing for pseudonyms

Jeff Fisher jeff+gnupg at jeffenstein.org
Mon May 17 18:43:47 CEST 2004


On Mon, May 17, 2004 at 04:50:13PM +0200, Thomas Sjögren wrote:
> On Sun, May 16, 2004 at 06:35:18PM -0400, Atom 'Smasher' wrote:
> > so, if i'm at a conference and i want to exchange key signatures with
> > people, i can prove that i currently control this email address and key by
> > sending some secrets back and forth.... not a problem... but if i want to
> > "prove" that i'm atom smasher...?? that could be tough....
> 
> maybe the only solution is then to try to organize a physical web of
> trust; i know X, X knows Y, Y knows Z, Z knows you. but i guess you have
> to believe the "six degrees of separation"-theory for that to work.
> 
> > and the weird thing is that the key-signing how-to guides go into detail
> > about verifying the fingerprint and name... that's only 2/3 of identifying
> > a key! in my situation, i can easily confirm 2/3 (email and fingerprint),
> > but it's not the 2/3 that most people are trained to look for.
> 
> imho the 2/3 you have as an example (email and fingerprint) isn't as
> valuable as the 2/3 most people check (id and fingerprint), primarily
> because an email isn't usually printed on a government issued photo-id.

I'm jumping in here, because this is similar to a question I asked on the
list a couple weeks ago about verifying the real name.

Just my opinion (or the circles I travel in), but growing up in the US, almost
everybody personally knows one or two people who have a fake ID for getting
into bars under the legal drinking age.  Often these are legal IDs, issued by
the state, with falsified information.  For the truly paranoid, several of the
9/11 terrorists had valid US driver's licences, as US citizens.

From stories I've heard, passports are not that much harder to get,
depending on the country.  How much trust would you put into a passport
from any third-world country? How about Afghanistan or Iraq? In the US, a
passport requires only a birth certificate (easily faked by any doctor),
SSN (based on the birth certificate) and a driver's licence (based on the
above two and a driving test).

Even if the document is faked, do you know the anti-counterfeit measures for
the passports in more than a couple countries? Who's a paranoid guy to trust?

Maybe the solution to the original problem is to get a passport that says
"Atom Smasher" as the name. ;-)

I guess I'm in the minority here, but I'd consider the name to be the least
important bit of information in the user id, as it is the most easily
faked.  Granted, most people do not have fake IDs, and the value of faking
a name for a pgp key is dubious, but IMO the only way to really trust the
name is to know someone personally, or have trust in somebody who does know
them personally. This is something you won't get at a keysigning party.

Having a photo uid (as was suggested in the previous thread) may be an option,
but doesn't add any weight to the real name on the key.  Counterfeit documents
can have any photo, and faked documents will of course match the person who
supplied the false information.

It's also possible to fake an e-mail address by intercepting the traffic or
hacking into an e-mail server, but in my experience, this is limited to a
much smaller group of people capable of such feats, and not likely to go
undetected for long.

With the e-mail address, if your mail server is compromised you are open to
mitm attacks, but this would be almost impossible if the fingerprint is
exchanged using another means.  So, a combination of fingerprint and e-mail
is likely to get you the right person, but the name stands alone, without a
secondary means to verify it such as a mutual acquaintance.

Just to add a bit more paranoia, at least in the US, there are books about
changing your identity for whatever reason, and someone who has done this
would have many people who only know them as the new name they have chosen.
So maybe even vouching for someone isn't sure, or maybe the real name is just
not a solid enough piece of information any longer.  It all comes down to a
leap of faith to actually trust the real name on a key. Even celebrities are
not exempt.  How many actors and singers go by stage names?  Is it even
relevant to know the real name of the person in these cases, as they are
effectively known by their fake name?

Of course, this could all just be the mad rantings of a bitter, paranoid
old man...

-- 
jeff at jeffenstein.org                  http://www.jeffenstein.org/
"It is our belief, however, that serious professional users will run out of
things they can do with UNIX. They'll want a real system and will end up doing
VMS when they get to be serious about programming."
                                -- Ken Olsen, CEO of DEC, 1984