Multiple email addresses - any alternative to ask everyone to sign all my keys?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jul 24 16:13:52 CEST 2013


On 07/24/2013 05:52 AM, Einar Ryeng wrote:
> I'd just stick to three different keys if I were you. Nobody will care that
> they have to sign three keys rather than one or two.

While i agree with Einar that signing three keys isn't a big difference
from signing one key with three user IDs, I will note that if you have
three separate keys, i (as one example) am less likely to be willing to
rely on your certifications.  That is, i'm less likely to "trust" your
keys (which is quite a different thing than signing them) even if i
believe you tend to make reasonable certifications.

DISCLAIMER: I do not know Einar at all and have no way of assessing his
reliability as a certifier; therefore I would not assign any non-null
ownertrust to his keys anyway. i'm talking here about a hypothetical
situation where i had some existing reason to be willing to partially
rely on einar's OpenPGP certifications.

My reluctance to rely on certifications from a user with several keys
is due to GnuPG's trust model; I rarely (if ever) assign full ownertrust
to other people's keys.  I usually mark other people's keys with
marginal ownertrust if i think their certifications are reasonable.
GnuPG will then consider a key+userid combination as "valid" if three
marginally-trusted keys have certified it.  If you control three keys,
and i mark them all as marginally-trusted, then i've effectively granted
you full ownertrust.

So i'm left with a few choices:

 0) go ahead and grant you full ownertrust on all your keys anyway, if
i'm fine with you having full ownertrust

 1) grant marginal ownertrust on all your keys and hope you don't
triple-certify anyone else's key+userid pair to take advantage of the
situation.

 2) grant marginal ownertrust on just one of your keys, thereby
instructing GnuPG to ignore certifications from the other two (in this
situation, i hope that you actually *do* triple-sign every key+userid
you verify because that way i'll get the maximum reach in my set of
validated OpenPGP certificates).

 3) do not assign any ownertrust to your keys; your certifications will
not be useful to me in this scenario.

I don't think any of these situations are horrible, but they do exclude
the (otherwise more-likely) situation where i think "oh, Einar does
reasonable certifications", and just grant you marginal ownertrust and
be done with it.

Have you thought about how you plan to certify other people's keys and
user IDs while operating with three separate keys?

Regards,

	--dkg

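The trust arithmetic dkg walks through above, as an added toy model that is not part of the original message and not GnuPG code. The thresholds mirror gpg's default `--marginals-needed 3` and `--completes-needed 1`; the key names, the target user ID, and the two unrelated certifiers Bob and Carol are constructed placeholders. The model assumes every certification is cryptographically good and that each certifying key is itself already valid, and it ignores certification depth, which real GnuPG also checks.

```python
# Toy model of GnuPG's classic web-of-trust validity rule (constructed
# illustration, not GnuPG code): a key+userid is valid if it is certified by
# at least COMPLETES_NEEDED fully-trusted keys or MARGINALS_NEEDED
# marginally-trusted keys. Assumes all certifying keys are themselves valid.
MARGINALS_NEEDED = 3   # gpg default --marginals-needed
COMPLETES_NEEDED = 1   # gpg default --completes-needed

# Constructed placeholder fingerprints, not real keys.
EINAR_KEYS = ("EINAR-KEY-1", "EINAR-KEY-2", "EINAR-KEY-3")
TARGET = ("ALICE-KEY", "alice@example.org")

# Two unrelated people whose certifications dkg already trusts marginally.
OTHERS = {"BOB-KEY": "marginal", "CAROL-KEY": "marginal"}


def is_valid(target, certifications, ownertrust):
    """Classic trust model check for one key+userid pair.

    certifications maps a (key, userid) pair to the set of keys that
    certified it; ownertrust maps a certifying key to "full" or "marginal"
    (absent keys have no ownertrust and contribute nothing).
    """
    certifiers = certifications.get(target, ())
    full = sum(1 for k in certifiers if ownertrust.get(k) == "full")
    marginal = sum(1 for k in certifiers if ownertrust.get(k) == "marginal")
    return full >= COMPLETES_NEEDED or marginal >= MARGINALS_NEEDED


def ownertrust_for_choice(choice):
    """dkg's four choices for a certifier (Einar) who holds three keys,
    merged with the ownertrust already granted to Bob and Carol."""
    if choice == 0:                      # full ownertrust on all three keys
        einar = {k: "full" for k in EINAR_KEYS}
    elif choice == 1:                    # marginal ownertrust on all three keys
        einar = {k: "marginal" for k in EINAR_KEYS}
    elif choice == 2:                    # marginal ownertrust on one key only
        einar = {EINAR_KEYS[0]: "marginal"}
    elif choice == 3:                    # no ownertrust at all
        einar = {}
    else:
        raise ValueError(f"unknown choice {choice}")
    return {**OTHERS, **einar}


def valid_under(choice, certifiers):
    """Is TARGET valid, given dkg's choice and the keys that certified it?"""
    return is_valid(TARGET, {TARGET: frozenset(certifiers)},
                    ownertrust_for_choice(choice))


def report():
    """Validity of TARGET for each choice across three signing scenarios."""
    scenarios = {
        "einar triple-signs alone": EINAR_KEYS,
        "einar single-signs alone": EINAR_KEYS[:1],
        "einar single-signs, bob and carol also sign":
            EINAR_KEYS[:1] + ("BOB-KEY", "CAROL-KEY"),
    }
    return {choice: {name: valid_under(choice, certs)
                     for name, certs in scenarios.items()}
            for choice in range(4)}


if __name__ == "__main__":
    for choice, results in report().items():
        print(f"choice {choice}:")
        for name, valid in results.items():
            print(f"  {name}: {'valid' if valid else 'not valid'}")
```

Running it shows the loophole dkg describes: under choice 1, Einar's three marginally-trusted keys alone push a target over the three-marginal threshold, so he can validate any key+userid by himself exactly as if he had full ownertrust. Under choice 2 he contributes a single marginal vote, which still combines with Bob's and Carol's certifications to reach validity, but never suffices on its own.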