moving user ID Comments to --expert mode

MFPA expires2011 at
Wed Feb 9 00:27:00 CET 2011


On Monday 7 February 2011 at 5:37:11 AM, in
<mid:4D4F8507.7010107 at>, Daniel Kahn Gillmor wrote:

> Here are some legitimate User IDs that do not
> correspond to a single individual:

>  * " archive signing key"  * "Debian
> Archive Automatic Signing Key (6.0/squeeze)
> <ftpmaster at>"

> These are legitimate to my mind because the
> unambiguously identify an entity responsible for the
> key (despite the fact that the entity is not a single
> individual).  Note that the latter happens to be an RFC
> 822-style e-mail address, but the former does not.  The
> e-mail address form is *not* relevant to the legitimacy
> of the User ID, other than its ability to disambiguate
> potentially-conflicting claims to the same name (e.g.
> there might be multiple "John Smith"s, but there is
> only one john.smith at if you subscribe to the
> global namespace described by DNS).

Does this ambiguity cause you to not consider the string "John Smith"
to be a legitimate User ID?

>> Isn't the User ID simply the string which the user has
>> chosen as an identifier for their key, which can be
>> something more human-friendly than the key id?

> User ID is short for "User Identifier".  The User ID is
> not only friendlier than the key ID -- it actually
> refers to something outside the cryptographic realm in
> which the key operates.

Or might be a name the user has given to the key itself to enable easy 
identification, for example there are many called "Test Key."

>> I thought the Key ID and the User ID both identified
>> the key,

> As their name implies, the Key ID identifies the key,
> and the User ID identifies the User (or keyholder).

Does it actually _imply_ that, or does that merely fit the de facto
standard of User IDs containing real names (and usually email
addresses)? The terms Key ID and User ID also reflect one being
mathematically derived from the key material whereas the other is
chosen by the user.

Best regards

MFPA                    mailto:expires2011 at

Consistency is the last refuge of the unimaginative

More information about the Gnupg-users mailing list