gpg for pseudonymous users

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Apr 7 16:19:56 CEST 2013


On 04/07/2013 04:06 AM, Stan Tobias wrote:

> I'd be willing, too, to sign the Enemy's key, as long as its UID says
> "Enemy" and not "Friend".

But in fact, no one identifies in either way; "Enemy" and "Friend" are
relational terms, and are not identities.  Neither of them belong in the
UID.

If you want to make a statement about whether someone is your enemy or
your friend, an OpenPGP identity certification might not be the right
way to do it.

  The problem is that "adrelanos" doesn't
> mean anything to you, nor to me, but perhaps it might mean something
> to someone else.  This is a reason for my objection to vouching for
> anonymous identities.  I think it is dangerous.

I think we're talking about pseudonyms, not "anonymous identities".

You seem to think that names of the form "Stan Tobias" and "Daniel Kahn
Gillmor" and "Werner Koch" are somehow more "real" names than
"adrelanos".  You also seem to think that people's identities are
immutable over time.  I'm not sure i believe either tenet is universally
true.  That's fine, and i'm not trying to convince you otherwise --
that's why it's good that we each get to have our own certification
policies!

Some people believe that names like "Daniel Kahn Gillmor" are more
"real" because of their government endorsement (e.g. via
difficult-to-forge identity papers).  I will grant that endorsement by a
government plays a significant role in my willingness to accept that a
person holds a given identity.  However, I am unwilling to constrain my
beliefs about identity to only cover government statements.  Some people
have deeply-held identities that their government refuses to certify,
and some governments are quite willing to issue fraudulent identity
papers under a variety of circumstances.  So i prefer to reserve the
right to use my own judgement, and to be able to rely on other
information besides government endorsement as well.

But let's bring this discussion back out of the metaphysical territory
of "what is the true nature of identity".   In response to adrelanos'
question, I tried to give an example of what sort of
non-government-issued evidence a cautious and open-minded individual
might consider.  What evidence are you willing to consider to establish
belief in someone's identity?

all the best,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130407/c148cc3c/attachment.sig>


More information about the Gnupg-users mailing list