Do not conflate key+userID certification with "vouching" [was: Re: How to verify the e-mail address when certifying OpenPGP User IDs]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Apr 8 20:00:22 CEST 2011


On 04/07/2011 09:37 PM, Grant Olson wrote:
> Keep in mind that the web-of-trust isn't the mafia.  If you 'vouch' for
> someone and they turn out to be a rat, nobody's going to put two bullets
> in your chest, and one in your head.

"Vouching" for someone usually means that you think you can rely on the
person, and that you think they're somehow "good", "on our side",
"trustworthy", etc.

Making an OpenPGP certification ("keysigning") is *not* the same as
"vouching" for them.  An OpenPGP certification is a simple assertion of
two things: {identity (which may include an address), and ownership of a
key}.

An OpenPGP certification says nothing about whether you think the
keyholder is a good person, whether you would trust them with your
children, whether they are a good software engineer, whether you would
vote them into public office if you happen to live in a democracy, or
even whether you are willing to rely on the OpenPGP certifications they
produce. [0]

You are free to assert these other qualities in many other ways, of
course.  For example, I could write, sign, and publish a document that
says "Alice <alice at example.net> has strong moral fiber".  This sort of
"vouching" would be distinct from my certification of Alice's OpenPGP
key.  Note that I am *not* saying that Alice's key has strong moral
fiber.  My statement is vouching for *Alice*, not her key.

Keeping the semantics of keysigning restricted to a simple assertion of
identity and key ownership makes it possible to do reasoned inference
over a set of certifications, to establish (via intermediate parties,
such as "mutual acquaintances") a level of reliable identity and
key-ownership between people (and other entities!) who have never
physically met.  It also makes OpenPGP certification less fraught with
doubt or confusion, and it reduces the amount of deep social
relationships published on the public keyservers.  This is good.

If you mix non-identity, non-key-ownership notions into your OpenPGP
certifications, making a certification becomes radically harder (because
the other notions are significantly less objective), and your ability to
do effective reasoned inference about identity and key-ownership drops
away as certifications themselves become rarer and more entangled with
subjective measurements of "vouch-worthiness".

Ironically, this means that mixing concepts of "vouching" into standard
OpenPGP certification makes it *harder* to effectively "vouch" for
someone, because it is harder for them to establish their identity in
the first place.

Vouching for people is great, and useful in many contexts.  But it
should not be conflated with identity certification.

	--dkg

[0] Yes, you can actually assert your willingness to rely on the
keyholders' own OpenPGP certifications, using so-called "trust
signatures".  Currently, very few people issue trust signatures, and
those who use them responsibly issue them very rarely.  If you aren't
confident about standard OpenPGP certifications, you should probably
avoid issuing trustsigs entirely.  They are public declarations of
social relationships that most people prefer to keep private.
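The distinction the post and its footnote draw, as an added toy model that is not part of the original message and not gpg's actual validity algorithm: plain certifications only assert a (key, User ID) binding, while a trust signature is the separate statement that you rely on someone's certifications. The key names, User IDs and depths are constructed; marginal trust and the requirement that a signer's own key be valid are omitted.

```python
# Added example (not from the original post): certification vs. trust
# signature in a simplified OpenPGP-style validity calculation.
# All key names, User IDs and depths below are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    signer: str       # key that made the certification
    subject: str      # key whose User ID is certified
    userid: str       # the User ID bound to that key
    depth: int = 0    # 0 = plain certification, >= 1 = trust signature


def valid_bindings(certs, me, max_depth=8):
    """Return the (key, userid) bindings `me` can rely on.

    A binding is valid when certified by an introducer. `me` is one;
    another key becomes one only via a trust signature from an
    introducer with delegation depth left. Plain certifications never
    confer introducer status, no matter how many a key has made.
    """
    introducers = {me: max_depth}      # key -> delegation depth left
    changed = True
    while changed:                     # propagate trust signatures only
        changed = False
        for c in certs:
            remaining = introducers.get(c.signer, 0)
            if c.depth == 0 or remaining < 1:
                continue
            granted = min(c.depth, remaining - 1)
            if granted >= 1 and introducers.get(c.subject, 0) < granted:
                introducers[c.subject] = granted
                changed = True
    return {(c.subject, c.userid) for c in certs if c.signer in introducers}


# Constructed (key, User ID) pairs for the scenario below.
ALICE = ("key:alice", "Alice <alice@example.net>")
BOB = ("key:bob", "Bob <bob@example.org>")
CAROL = ("key:carol", "Carol <carol@example.com>")


def scenario():
    """Same three identity checks, with and without a tsig on Alice."""
    plain_only = [
        Cert("key:me", *ALICE),      # I verified Alice's identity and key
        Cert("key:alice", *BOB),     # Alice verified Bob's
        Cert("key:bob", *CAROL),     # Bob verified Carol's
    ]
    with_tsig = plain_only + [Cert("key:me", *ALICE, depth=1)]
    return valid_bindings(plain_only, "key:me"), valid_bindings(with_tsig, "key:me")
```

Without the trust signature only Alice's binding is valid, because certifying Alice says nothing about relying on her certifications; with a depth-1 tsig Bob becomes valid, but Carol still does not, since a depth-1 introducer cannot delegate further.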


More information about the Gnupg-users mailing list