gpg for pseudonymous users [was: Re: gpg for anonymous users - Alternative to the web of trust?]

Daniel Kahn Gillmor dkg at
Fri Apr 5 19:38:18 CEST 2013

On 04/05/2013 11:39 AM, Stan Tobias wrote:
> People assume pseudonyms for various reasons, anonymity being but one
> of them.  It is clear the person behind "adrelanos" wants to remain
> anonymous, while giving a name to his action.

This is practically the definition of a pseudonym, not anonymity.
Anonymity involves trying to avoid leaving any traces of identity
whatsoever.  I really do think it's worth distinguishing between the two
cases, since they're quite different.

From WordNet (r) 3.0 (2006) [wn]:

      n 1: a fictitious name used when the person performs a
           particular social role [syn: {pseudonym}, {anonym}, {nom de

      adj 1: having no known name or identity or known source;
             "anonymous authors"; "anonymous donors"; "an anonymous
             gift" [syn: {anonymous}, {anon.}] [ant: {onymous}]
      2: not known or lacking marked individuality; "brown anonymous
         houses"; "anonymous bureaucrats in the Civil Service"

I agree with you that the WoT is not useful for people who truly wish to
be anonymous.

However, the WoT still can be useful for people who wish to establish a

> Daniel Kahn Gillmor <dkg at> wrote:

>> For a pseudonymous author who wants to establish a credible claim to a
>> given identity, one way would be to encourage the people who have been
>> following the work of that author to certify the key.  In that case, how
>> would they know it's the right one?  This is a shade different from
>> other scenarios, but if, for example, if i had been using tool X for 5
>> years, and had been corresponding with the author (e.g. bug reports,
>> thank you notes, feedback, etc) over that time and all the
>> communications and versions of the tool that i received consistently
>> demonstrated that the person on the other end had control of the key in
>> question, i would have no problem certifying that identity.
> What would such a certification accomplish?

It establishes a history of someone doing work and being active using
that name.  Given that it includes an e-mail address, it is effectively
globally unique (modulo problems with the DNS). If there are two such
entities, using two separate keys, that's entirely possible.  My
certification would indicate which one is the one i have come to know as
"adrelanos <adrelanos at>".

> Further thoughts for discussion:
> If I told you my pseudonym was "Werner Koch" (for "John Smith" was already
> too occupied), would you sign my key?  

Well, i already know a Werner Koch, and i don't think i would sign any
colliding user IDs without good reason.  If i'm dealing with User IDs
that are clearly non-global, have no difficult-to-forge corroboration
(e.g. gov't issued ID), etc, and i have no prolonged experience
interacting with someone using that identity, i'm likely to decline to
make that certification.

> Why would it take 5 years to
> convince yourself to sign adrelanos' key; why not 5 months, or 5 weeks?

I said 5 years as an example, not as a magic threshold where my
confidence in someone's persistent identity kicks in.   I suspect that
each person has their own sense of this, and can make their own
decisions about when making a public statement of known identity is
warranted.  One of the nice things about OpenPGP is that there is no
requirement for everyone to have the same certification policy.

> If someone revealed to you "adrelanos" was a secret FBI operation,
> would you still sign it?  (FBI behind "adrelanos" might be the true
> original author of the software, accept bug reports, feedbacks, etc., and
> I've heard they have really nice blokes there.  So essentially nothing
> changes, except the state of your knowledge.)

I hope it's clear that my certifying anyone's OpenPGP certificate is a
statement about who i believe uses a given name and address and what key
they use.  It is *not* a statement of political affinity, friendship, or
a technical endorsement.

I am happy to sign the keys of people with whom i have fundamental
disagreements.  My saying "this is adrelanos' key" does not say anything
about "adrelanos works for the FBI" or "adrelanos does not work for the
FBI" any more than it says "adrelanos is my friend" or "adrelanos is a
milkman" or "adrelanos babysits my children" or "adrelanos writes
awesome software" or "I can't stand that adrelanos character"



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130405/e8b7bc2d/attachment.sig>

More information about the Gnupg-users mailing list