Sign my key - Was (no subject)

Alex L. Mauer hawke at
Fri Jun 3 20:32:17 CEST 2005

Francis Gulotta wrote:
> How do we know it's really yours or that you are really you? I'll accept
> that this message was signed with it, but by signing you key it means I
> have no doubt that it really does indeed belong to Dan Mundy. And I've
> nver met him.

I know this is rather controversial, but for a lot of people it doesn't
matter if the person really is Dan Mundy, since Dan Mundy is just a
string, and doesn't really have any inherent meaning attaching it to a
physical entity.

You can be *somewhat* sure that if you send an encrypted email to some
address, and they respond to its contents, that someone who has access
to that mailbox also knows the passphrase to the relevant key.

Physically meeting someone doesn't prove that the keyholder hasn't
shared the passphrase and private key.

If there's a picture UID on the key and it matches the person that you
physically meet, it doesn't prove that the person you met has the
passphrase to the key, or that they have access to the mailbox
associated with the key.

With a photo ID, it can prove (to the extent that they have proven it to
the ID issuer, i.e. not a whole lot) that the name on the key matches
the person you've physically met.  But if you interact primarily over
the net, that doesn't really matter.  There's a major missing link
between the email address and the physical person at the meeting.

For purposes of network addresses, I mostly couldn't care less if the
person who uses the email address harob02 at *actually* goes
by the name, or is known to some government by the name Dan Mundy.  What
I do care about is that the same keyholder who signed this message, also
signed that one, and I have some basis for believing they both came from
the same person. And *that* is the important step.  I can build up a
level of trust based on the contents of messages signed by that key.  If
he starts spouting crap that is inconsistent with prior messages, I can
lower my trust on the determination that his key has been compromised,
or he's gone nuts, or he's changed his mind.  But what he's actually
named by his parents is totally irrelevant to that.

If I was entering into some sort of contract with him, validating the
government ID might start to matter so I could enlist some governmental
aid in enforcing it, if it became necessary.  But the more risk I'm
taking in some contract, the less likely I am to trust any middle-men to
have verified someone's identity.

Bad - You get pulled over for doing 90 in a school zone and you're drunk
off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient
flesh-eating beetles.
gpg/gpg key id: 51192FF2 @
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20050603/51813abd/signature.pgp

More information about the Gnupg-users mailing list