moving user ID Comments to --expert mode

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Feb 6 20:46:30 CET 2011


On 02/06/2011 02:08 PM, Werner Koch wrote:
> On Fri,  4 Feb 2011 16:51, dkg at fifthhorseman.net said:
> 
>> Some translation changes might still be worth doing; I would like to see
>> the example User ID lose the comment (including "(Der Dichter)" in an
>> english prompt is not helpful), and i think the wording should also be
> 
> Fine with me, if we drop the comment prompt.

great!

>> adjusted, since the User ID does not identify the key -- it identifies
>> the user.  But i'll happily pursue translation changes as a separate
> 
> I disagree.  It depends on what you understand as "the user".  I assume
> you mean the entity which has control over the secret key.

Yes, that's what i mean.

> Often this
> is not just one human but a group of people or some malware.

Yep, and those keys should probably be clearly marked.  Obviously, the
malware *won't* self-identify, but there are legitimate keys whose users
are not individual humans (like debian's archive signing key), and those
do have legitimate User IDs.

A User ID for such a key properly identifies the entity which has
control over the secret key.  It does not identify the key itself.

> Thus the
> User ID is still one way to identify the key and it is actually the most
> commonly used to identify the key.

The User ID is the most commonly-used way to *find* the key -- but it
does not identify the key.  It identifies the user.  The fact that
people are willing to cryptographically bind the User ID to the key (via
OpenPGP certifications, a.k.a. keysigning) is what identifies the key.

I realize these are subtle, nit-picky questions of language.
Nonetheless, i think they're important to get right.  OpenPGP can be a
confusing environment for people, and choosing words carefully for one
of the major implementations can help to reduce confusion and make the
path to adoption less difficult.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110206/c57b7354/attachment.pgp>


More information about the Gnupg-users mailing list