Recommendations for handling (multiple) user IDs - personal and company ones

Daniel Kahn Gillmor dkg at
Sat Jun 8 22:16:18 CEST 2013

On 06/08/2013 03:21 PM, Hauke Laging wrote:
> Crypto is NOT about comfort but about security. The point is: Does a 
> certification make sense? Most certifications I see do not.

People simply won't use tools that they aren't comfortable with.  This
is a delicate tradeoff, but if you're willing to sacrifice everyone's
comfort to build a system, that system simply won't get used.  The end
result?  decades of cleartext e-mail, long after we had the tools to do
better :(

> They come without a certification level,

Including a certification level, given the state of modern OpenPGP
implementations, is meaningless and serves only to leak information
about the social graph which otherwise wouldn't be leaked.  I think it's
also a bad idea, and i'm grateful to Werner and the rest of the GnuPG
crew that it is not a question asked by default, as i've also argued
publicly recently:

> without a policy URL, usually have no
> (especially not a reliably signed) key policy and are usually not made by 
> offline main keys (or similar). In the end: more or less worthless. The WoT in 
> its current form is occupational therapy for people who refuse to do crypto 
> right (or rather: don't know what that means).

If you want to be able to do machine-level inference about user identity
(so that a user's computer can tell them with confidence "This is Sally,
you know this because Joe said so"), and you insist that policy URLs are
critical then you probably also need machine-readable policies; and you
need to define a way that users can declare their sentiments about
specific policies, in addition to declaring their sentiments about how
well they think some other keyholders can effectively implement each
flavor of policy encountered.  This sounds like a complicated mess, and
afaict no one is working on this.  it is another barrier to
participating in the OpenPGP network of certifications.

Learning the basics of what it means to responsibly hold a secret key
and make (or choose to not make) identity assertions with it is already
too complex for most people.  Adding layers of complexity to the system
will simply make the user base smaller.  This is particularly disastrous
with systems that rely on the network effect for any sort of public

> Who cares? The question is: Does such a UID make the key better (with or 
> without the WoT)? And if the answer is "It does", who would dare argue against 
> that with the vague definition from the RfC?

I would argue "it doesn't make it better" because it confuses people
about what User IDs are, which makes it harder for them to participate
in OpenPGP's network of certifications.  Clearly, we disagree here.

> A comment may be a statement about the function of the key owner in an 
> organization and thus is an important part of the identity. This is explicitly 
> intended by signature law! Such a comment should be certified by the 
> organization's certification key only.

It sounds like you're saying that the presence of some comments in User
IDs make it so that no one else is supposed to certify those User IDs,
for some sort of legal reason ("signature law") which i don't know about
or understand.  If this is correct, this sounds like yet another reason
for me to not want to get into the habit of certifying any User IDs with
comments in them.

> You have to read the comment statement and its certification right. It 
> obviously doesn't mean "I have checked that this is true" as everybody 
> immediately understands that it is not possible for the certifier to check 
> this. Instead it means: "I testify to it that the key owner makes this 
> statement about the certified key." And statements about keys are damn 
> important. You cannot do secure crypto without them.

I'm wary of the term "secure" -- can you be more specific about what
benefits we gain as a community from a comment in a User ID like "I have
this primary key offline"?  Are there no other ways to gain those
benefits without putting the comment in the User ID?

> You are right insofar as in a perfect world this information might better be 
> placed elsewhere (standardized, machine readable signature notations). But in 
> this world and this time not even policy URLs are shown by default.

If you think that policy URLs should be shown by default, you should
make the case for that.  I suspect they're not currently shown by
default because they are an additional source of confusion in an already
too-confusing interface for most people.  Who do you want to be able to
participate in the public network -- just a handful of experts steeped
in the arcana?  or everyone capable of operating a computer at a
reasonable level?

> Sorry but the example you use on that page is ridiculous. It doesn't prove 
> anything about UID comments except for the trivial fact that it is possible to 
> use them for ridiculous purposes. You really should not leave that online.

clearly, we disagree about this.  But the overwhelming majority of
comments in User IDs on the public keyservers are exactly of the
ridiculous types used as examples in that page.  Try looking at them
sometime, it's pretty depressing.

This suggests to me that this feature (the "comment" prompt when
generating a new User ID) is causing more confusion and difficulty than
it is providing benefit.

> If someone makes a statement about the security of his key and decides to 
> change this statement for the same key (no matter in which direction) that 
> would be self-sabotage. Stupid behaviour but not nearly an argument against 
> statements about key security. And such statements are useless if they are not 
> certified.

You'll note that i'm not objecting to statements about key security in
general.  I'm objecting to placing them in the User ID.

You can make these statements in other forms than placing them in the
User ID.   For example, you can put a signed message on your web site
about your key maintenance habits, which other people could refer to
when they want to learn from you.

> It would make sense that the certifier demands that statement on 
> paper with a manual signature.

again, it sounds like you're asking for something that would make an
already-too-cumbersome process even more cumbersome.  I don't think
that's to the advantage of the community as a whole.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130608/e73e35a7/attachment.sig>

More information about the Gnupg-users mailing list