keys.openpgp.org not sending confirmation email

Binarus lists at binarus.de
Thu Sep 19 08:27:15 CEST 2019 


On 18.09.2019 17:30, Stefan Claas via Gnupg-users wrote:
> Binarus wrote:
> 
>> You have stated that my real name must be in the key ID if I would like
>> to have the key certified by Governikus. Does the key ID need to have
>> other personal data in it? After all, as an example, there for sure are
>> at least 1000 people in Germany whose name is "Peter Meier" (which is
>> the reason why I personally will always use the email address (instead
>> of the name) as the criterion when searching for a public key). If there
>> is other personal data in the ID (like the address), what happens when
>> people relocate?
> 
> AusweisApp reads your personal data from your ID-card and then Governikus
> certifies your key, containing your real name. Your key does not need to
> have other personal data besides your real name.
> 
> My UID for example looks like this: Stefan Claas *offline key* <sac at 300baud.de>
> 
> I know that there is as second Stefan Claas living in Germany, but
> he will not have the same email address like I have. So people looking
> up key servers could then find of course (if he would upload a key too)
> a second Stefan Claas.
> 
> I have no expierence when one relocates, but as I see it it does not matter
> as long as you are a holder of a German ID-card.
> 
> When in doubt always give a hint to your key in your email signature,
> so that people you are communicating with know the proper key to fetch.

OK, that makes sense. Thank you very much for the explanation.

My question regarding the relocation was only meant for the case that
Governikus would need other personal data besides the name (e.g. the
address) in the ID to certify a key.

So the real name is the only mandatory part in the ID of a key certified
by Governikus, while other parts, notably the email address, are
optional. Perhaps this policy is too relaxed. Personally, I always
include the respective email address(es) in my keys' IDs, but some
others probably don't (if they aren't forced to).

IMHO, this system lacks a mandatory unique token in the key ID. The
natural choice for such a token would be the email address, because in
the first place it is the only thing you know for sure when writing a
private message to somebody else who you haven't become acquainted with
yet. Perhaps Governikus should think of making it mandatory.

Regards, and thanks again,

Binarus

More information about the Gnupg-users mailing list