"just invent something..."

LisToFacTor listofactor at mail.ru
Thu May 21 00:14:40 CEST 2020 

On 5/20/20 6:52 PM, Andrew Gallagher wrote:
> 
>> On 20 May 2020, at 18:51, LisToFacTor via Gnupg-users <gnupg-users at gnupg.org> wrote:
>>
>> Demanding a piece of information from someone who would prefer not
>> to give it is equally user-hostile, especially so if he who demands
>> it does so only because it is required by some internal mechanics
>> of the system he constructed
> 
> “Demand” is a strong word that I don’t believe is justified here, and only serves to inflame the debate.
> 
> Most implementations of email require that you enter a “real name” of some kind. OpenPGP/GPG strongly encourage you to use the same real name on your key as you use on your email profile - this is for the benefit of your correspondents, since using different IDs will likely cause confusion. You are free to ignore this recommendation but I don’t think the documentation should encourage novices to do so.
English is not my native tongue, and the word I've chosen is based
on my interpretation of the dialog presented by the program when
generating the key:

> GnuPG needs to construct a user ID to identify your key.
> that the Old Guard (somebody
used the term in one of the previous posts) just can't even

> Real name: 
upon entering an empty string, the response is:
...
> gpg: [internal]: no User-ID specified 
(and the program quits with no further explanation)

To me, this appears to qualify as a demand for user's "Real name".

It is not up to a program designer to decide that it is mandatory for
a user to provide a piece of personally identifiable information
because "this is for the benefit of your correspondents, since using 
different IDs will likely cause confusion."  User is the one to decide 
what personally identifiable information to provide, when and to whom.

And if the is demand for such information is refused, and the service
is summarily denied, (as outlined above) then it is not okay for the
program designer to wash his hands with "...so why didn't you just
invent something...".

Of course, it would be a one-minute job to change the prompt to
"enter a “real name” of some kind..." (or something to that effect,
better formulated). But with that, the whole "Web of Trust" structure
would collapse, and that is something to horrible to even
contemplate.

More information about the Gnupg-users mailing list