key-signing for pseudonyms

Jeff Fisher jeff+gnupg at jeffenstein.org
Wed May 19 08:37:23 CEST 2004


On Tue, May 18, 2004 at 11:07:08AM -0400, Atom 'Smasher' wrote:
> 
> On Tue, 18 May 2004, Mark H. Wood wrote:
> 
> > On Mon, 17 May 2004, Atom 'Smasher' wrote:
> > [snip]
> > > i think the issue of identity is shady for anyone who we don't ~really~
> > > know... someone's name could ~really~ be "george w bush", and they could
> > > really have the ID to prove it... that doesn't mean they're *the* george w
> > > bush. if this is someone i know, i'd sign the key. if this is someone i
> > > don't know, i'd be suspicious... they could be an impostor.
> >
> > Exactly!  What does a given label *mean*, and does it help you establish
> > the relationship you consider to be "identity" for your particular
> > purpose?  I did a search a few years back and found three other guys in my
> > home town alone who are named Mark Wood.  One even has my middle initial.
> >
> 
> a name is a social construct that works well in small groups. in large
> groups, it will tend to have a high failure rate in uniquely identifying a
> person. [...]

Mark & Atom have summarized where I was going with this better that I could...

There are three pieces of identifying information on the key, the fingerprint,
the e-mail address, and the real name.  Two of these are unique, and one is
fuzzy.  However, we are all familiar with using the fuzzy bit to identify
somebody, and not as comfortable with using the other two pieces of
information, so we tend to stick with what we historically see as the most
important, however useful it is in practice.

As an aside, I found some interesting links when looking at
http://www.toehold.com/robotca/, where Phil Zimmerman talks about his views on
PGP usage.  Maybe they've already made it to the list before...
http://linuxjournal.com/article.php?sid=5605
http://www.sc-delphin-eschweiler.de/pgp/ (Under the Friday section)

-- 
jeff at jeffenstein.org                  http://www.jeffenstein.org/
Rule #7: Silence is not acquiescence.
	Contrary to what you may have heard, silence of those present is
not necessarily consent, even the reluctant variety.  They simply may
sit in stunned silence and figure ways of sabotaging the plan after they
regain their composure.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 793 bytes
Desc: not available
Url : /pipermail/attachments/20040519/94ac4775/attachment.bin


More information about the Gnupg-users mailing list