Sandeep Murthy s.murthy at
Wed Dec 31 22:54:37 CET 2014

I don’t agree.

Why isn’t the photo ID feature not useful?  Surely any piece of
information that would help another person, with whom you
are proposing to communicate, to identify you first, is a good
thing.  Before they can trust you enough to sign the key (which
can’t be very often using the PGP model) they must be able to
identify you, and a photo ID helps them to put a name to a face,
or at least provides a reference point with which to do other
checks, before signing the key, let alone encrypting -
someone’s photo ID to do a google image search on it, bringing
up other information that could be useful.

Maybe I’m wrong but the problem with GPG is that it has too few
verification tools, like the photo ID.  In my keychain I have 35
public keys for different individuals with whom I may want
to communicate via GPG, but I’ve probably only signed a fraction
of them, maybe 10, and only a handful of those are people I
know personally.  I always sign my messages, but if you are
unable to trust someone enough to sign they key (or even their
signature) then I’m not sure that PGP is very useful or fulfils
its purpose.

As for the photo ID feature itself surely there are technical fixes
for that, including allowing people to upload slightly larger images
than would bepossible with the recommended dimensions without increasing
the key size.  For reference, passport photographs are pretty
small, as we are all aware, (I think 35 by 45 mm in the EU), and
when we send email a scan of our passport page for some job
application or whatever it is not likely to be a good.

s.murthy at

> On 31 Dec 2014, at 14:31, Robert J. Hansen <rjh at> wrote:
>> I've been looking for documentation with info on adding a photo id to a gpg key.
>> The instructions for adding are available but I can't find any advice for the
>> size, format, dpi etc of the image to be used.
> The major problem is there is very little good advice about this, and what there is keeps changing.  For a long time the PGP Desktop product used 120x144 as a picture size.  Back when a high-resolution display was 800x600 it made a lot of sense; now, when my laptop has a 2880x1800 display, a 120x144 image is literally smaller than a postage stamp.
> GnuPG adopted the photo-ID feature a few years later and technology had already progressed to the point where the GnuPG advice was 240x288.  That advice hasn’t changed in over ten years; it’s probably out of date by now.
> With respect to what format should be used, the de-facto standard seems to be JPEG.
> I personally don’t find photo ID to be a useful feature.  They’re too static.  The photo ID on my certificate, for instance, is almost ten years old.  If you need photo ID, a better route would appear to be something like, which offers some neat tools for binding a certificate to photographs, social media accounts, and whatnot.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 873 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/attachments/20141231/146d04e4/attachment.sig>

More information about the Gnupg-users mailing list