moving user ID Comments to --expert mode

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Feb 7 06:37:11 CET 2011


On 02/06/2011 07:01 PM, MFPA wrote:
> What's a "legitimate User ID?" My understanding is that, whilst the de
> facto standard is a name and an email address, there is no compulsion
> over what string to choose.

Here are some legitimate User IDs that do not correspond to a single
individual:

 * "deb.torproject.org archive signing key"
 * "Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster at debian.org>"

These are legitimate to my mind because they unambiguously identify an
entity responsible for the key (despite the fact that the entity is not
a single individual).  Note that the latter happens to be an RFC
822-style e-mail address, but the former does not.  The e-mail address
form is *not* relevant to the legitimacy of the User ID, other than its
ability to disambiguate potentially-conflicting claims to the same name
(e.g. there might be multiple "John Smith"s, but there is only one
john.smith at example.org if you subscribe to the global namespace
described by DNS).

> Isn't the User ID simply the string which the user has chosen as an
> identifier for their key, which can be something more human-friendly
> than the key id?

User ID is short for "User Identifier".  The User ID is not only
friendlier than the key ID -- it actually refers to something outside
the cryptographic realm in which the key operates.

This is the point of a PKI, whether it is OpenPGP or X.509 or whatever:
you want to be able to bind mathematical constructs (e.g. public keys)
to non-mathematical entities (e.g. the entities referred to by User IDs).

> I thought the Key ID and the User ID both identified the key, 

As their name implies, the Key ID identifies the key, and the User ID
identifies the User (or keyholder).

> the
> certifications were an assertion from other people that the User ID
> was consistent with the user's real-world identity,

Yes, *and* that the real-world entity in question actually controls the
associated key.

An OpenPGP certification is made over a (Key + User ID) combination.  It
states "the owner of the key is in fact the person described by the User
ID".

  https://tools.ietf.org/html/rfc4880#page-20

> and that these
> certifications in combination with the User ID identified the user.

The User ID identifies the user, but it might be (and in fact is
trivially) spoofed.  To decide whether you're willing to believe that a
given User ID is correctly associated with a given key, you can use the
known certifications of the key+userID combination, and your state of
knowledge/belief about the certifiers themselves.  These certifications
cannot be (practically) spoofed.

This is how the web of trust operates.

	--dkg
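The two points in the message above (a certification is made over the key *and* the User ID together, and a User ID is judged by its certifications plus your trust in the certifiers) as an added, runnable illustration. This is example code, not part of dkg's message or of GnuPG itself; the key packet bodies are constructed placeholder bytes, not real keys, and the validity function is a simplified version of GnuPG's classic trust model using its default thresholds (one full or three marginal certifiers).

```python
"""RFC 4880 certification binding and a minimal web-of-trust check.

Added example; not code from the mailing-list message or from GnuPG.
KEY_A and KEY_B below are constructed stand-ins for public key packet
bodies and contain no real key material.
"""
import hashlib
import struct

# Signature types, RFC 4880 section 5.2.1: certifications of a
# (key, User ID) pair are 0x10..0x13.
GENERIC_CERT = 0x10
POSITIVE_CERT = 0x13
RSA_ALGO = 1       # RFC 4880 section 9.1
SHA256_ALGO = 8    # RFC 4880 section 9.4

# Constructed placeholders: version 4, creation time 0, algorithm RSA,
# followed by bogus bytes where the MPIs would be.
KEY_A = b"\x04" + b"\x00\x00\x00\x00" + bytes([RSA_ALGO]) + b"\xaa" * 64
KEY_B = b"\x04" + b"\x00\x00\x00\x00" + bytes([RSA_ALGO]) + b"\xbb" * 64


def certification_hash_input(key_packet_body: bytes, user_id: str,
                             sig_type: int = GENERIC_CERT,
                             hashed_subpackets: bytes = b"") -> bytes:
    """Build the octets a certifier hashes and signs (RFC 4880 section 5.2.4).

    Layout: 0x99, 2-octet key body length, key body;
            0xB4, 4-octet User ID length, User ID;
            v4 signature fields (version, type, pk algo, hash algo,
            hashed-subpacket length, hashed subpackets);
            trailer 0x04 0xFF plus 4-octet length of those signature fields.
    Because the User ID is part of the hashed data, the certification
    binds this key to this User ID and to nothing else.
    """
    uid = user_id.encode("utf-8")
    key_part = b"\x99" + struct.pack(">H", len(key_packet_body)) + key_packet_body
    uid_part = b"\xb4" + struct.pack(">I", len(uid)) + uid
    sig_fields = (bytes([4, sig_type, RSA_ALGO, SHA256_ALGO])
                  + struct.pack(">H", len(hashed_subpackets))
                  + hashed_subpackets)
    trailer = b"\x04\xff" + struct.pack(">I", len(sig_fields))
    return key_part + uid_part + sig_fields + trailer


def certification_digest(key_packet_body: bytes, user_id: str, **kw) -> bytes:
    """SHA-256 of the hash input; this is the value the certifier's signature covers."""
    return hashlib.sha256(certification_hash_input(key_packet_body, user_id, **kw)).digest()


def uid_validity(certifiers, ownertrust, completes_needed=1, marginals_needed=3):
    """Simplified classic web-of-trust validity for one (key, User ID).

    certifiers: names of keys whose certification over this key+UID verified.
    ownertrust: your own assessment of each certifier ("ultimate", "full",
    "marginal"; anything else counts for nothing).  Thresholds follow the
    GnuPG defaults --completes-needed=1 --marginals-needed=3.  Simplification:
    this ignores whether each certifier's own key is itself valid.
    """
    full = sum(1 for c in certifiers if ownertrust.get(c) in ("full", "ultimate"))
    marginal = sum(1 for c in certifiers if ownertrust.get(c) == "marginal")
    if full >= completes_needed or marginal >= marginals_needed:
        return "full"
    if full or marginal:
        return "marginal"
    return "unknown"


if __name__ == "__main__":
    alice = "Alice <alice@example.org>"
    d_alice = certification_digest(KEY_A, alice)
    # A User ID packet alone is trivially forged; the certification is not:
    # changing either the User ID or the key changes what was signed.
    print("same key, different UID:", d_alice != certification_digest(KEY_A, "Mallory <alice@example.org>"))
    print("same UID, different key:", d_alice != certification_digest(KEY_B, alice))
    # Certifications only help in proportion to your trust in the certifiers.
    trust = {"dkg": "full", "m1": "marginal", "m2": "marginal"}
    print(uid_validity(["dkg"], trust), uid_validity(["m1", "m2"], trust), uid_validity(["nobody"], trust))
```

The first half mirrors what any OpenPGP implementation does before verifying a certification: it reconstructs the hashed material from the key packet and the User ID packet, so a certification copied next to a different User ID simply fails to verify. The second half is the decision the message describes: the same set of verified certifications yields a different answer depending on your ownertrust in the certifiers.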
