Delete key from keyserver

David Shaw dshaw at jabberwocky.com
Thu Oct 27 18:00:15 CEST 2005


On Wed, Oct 26, 2005 at 12:26:31PM -0500, Alex Mauer wrote:
> David Shaw wrote:
> 
> >>>Some people
> >>>will not sign such a user ID though, 
> > 
> > It's not an issue of improving the trust, it's an issue of
> > disambiguation.  
> 
> Right, so why is it any better to have a key with:
> 0x99242560 David Shaw <dshaw at jabberwocky.com>
> 
> than to have
> 0x99242560 David Shaw
> 0x99242560 dshaw at jabberwocky.com
> (two UIDs)
> 
> You still have the same level of disambiguation.  Why would someone be
> unwilling to sign the one, but willing to sign the other?

Because they're not joined together it is not a real disambiguation.
With two UIDs, it is possible for someone to remove one without
affecting the other.  We've established that people are sometimes
unwilling to sign "David Shaw" (with no email).  Having two UIDs, each
requiring their own signature, is much the same case since the email
address UID can be removed.

> But it's really irrelevant to the original point, which is that in many
> cases, the real name doesn't matter; only the email address/key does.
> "If I know a person only by email, then that email *is* the person to
> me."  In that case, if the email is trusted, then the name on the UID is
> irrelevant.  I might be willing to trust that key ID 0x99242560 really
> is used by the holder of email dshaw at jabberwocky.com, but not that the
> person in question really is named David Shaw. ... and in most cases, I
> probably don't really care about the real name of the keyholder, only
> about the email address.  So why should I have to sign both in order to
> declare this trust?

You don't.  But it's not up to you as the signer - it's up to the key
holder to say how he wants to be known.

David



More information about the Gnupg-users mailing list