moving user ID Comments to --expert mode
MFPA
expires2011 at ymail.com
Mon Feb 7 01:01:48 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Sunday 6 February 2011 at 7:46:30 PM, in
<mid:4D4EFA96.9070100 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:
> and those
> do have legitimate User IDs.
What's a "legitimate User ID?" My understanding is that, whilst the de
facto standard is a name and an email address, there is no compulsion
over what string to choose.
> The User ID is the most commonly-used way to *find* the
> key -- but it does not identify the key. It identifies
> the user.
Isn't the User ID simply the string which the user has chosen as an
identifier for their key, which can be something more human-friendly
than the key id?
> The fact that people are willing to
> cryptographically bind the User ID to the key (via
> OpenPGP certifications, a.k.a. keysigning) is what
> identifies the key.
I thought the Key ID and the User ID both identified the key, the
certifications were an assertion from other people that the User ID
was consistent with the user's real-world identity, and that these
certifications in combination with the User ID identified the user.
- --
Best regards
MFPA mailto:expires2011 at ymail.com
Two rights do not make a wrong. They make an airplane.
-----BEGIN PGP SIGNATURE-----
iQE7BAEBCgClBQJNTzZ5nhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p8B0D+wbw
FTKiywBgtTUSQGm1H7QiW0jkHYf4t1/25l6mzLmfQtj2TrVWbK6si6hPPBBEswLt
49TkQC7yZHJTnYAChqUjKOyjBCT/9TEHh4WTmm8f2LBJf5+xIL6Sxze9c8j79koY
cw2+lBWZtmJZFEp/+V9gz1tBG2+YGfdwZKA151/i
=VTDA
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list