UI terminology for calculated validities

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Apr 25 18:47:46 CEST 2014

On 04/25/2014 12:38 AM, Hauke Laging wrote:
> Am Mi 23.04.2014, 20:32:27 schrieb MFPA:
>> Say a user has two keys, 0x0123456789abcdef and 0xfedcba9876543210. I
>> propose each key could sign the other with a signature notation
>> something like:-
>> siblings-0x0123456789abcdef-0xfedcba9876543210 at example.org.
> a) You always want to use fingerprints instead.
> b) You do not need any reference to a key anyway because it is 
> absolutely clear which keys this statement refers to if one key signs 
> another.
> c) I would like to handle that with an generic notation. I see a strong 
> need for an expression about the relation of the signer to the owner of 
> the signed key. It makes a big difference whether I say "This is some 
> foreigner which has shown me some ID (see separate notation for 
> details)" or "This is my sister". Thus I would like to have a notation 
> "relation@" which would in this case have a value like "identity" or 
> "self", maybe with some additional information like "self: business".

with the possible exception of "self" indications, which i can see as
useful for key transitions and multi-key-holding individuals, i don't
want to see any of these other relationships embedded in the network of
identity certifications which are published.  The social graph exposed
by the public keyservers is rich enough to be useful for networked
identity certifications, but no richer.  it should stay that way, since
rich published social graphs can be used against their participants, and
it's not clear how to use the additional relationship information in an
effective way.

There are many other ways that people can decide how and whether to
publish their relationships with other people.  I don't think folding
this additional complexity into OpenPGP identity certifications is going
to make the identity certifications any easier to use or understand.

let's keep it simple, and minimize the amount of social graph leakage.


PS MFPA's original idea of using a notation to link two primary keys is
interesting, and i see how it could be useful, but i don't think it
belongs in the public keyservers either.  Perhaps something like that
(using full fingerprints, as hauke suggests) could be made by a
non-exportable certification directly on the primary key itself (not
over User IDs).  But this should only be done if there is an algorithm
in place to make use of this information.  Anyone implementing this kind
of cleanup should probably start simpler and just handle the
identical-valid-user-id case first.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140425/c633b6dd/attachment.sig>

More information about the Gnupg-users mailing list