User id's without person's name, only email
bernhard at intevation.de
Wed Nov 17 15:59:39 CET 2021
Am Dienstag 16 November 2021 18:06:02 schrieb Andrew Gallagher via
> On Tue, 2021-11-16 at 18:20 +0200, Teemu Likonen wrote:
> > Am I seeing a starting trend here? Do some people think that it is
> > better practice to have only have email address as user id?
Some email providers offering pubkeys via WKD only accept email-only
uids, see the policy flag "mailbox-only" in
> It is reasonable therefore to take the view that the non-email portion
> of a userID is cruft at best (and an unnecessary leakage of personal
> information at worst).
There are two potential problems here:
a) usability in case of deliberately missleading information
madam president <joe.doe at example.ntvtn.de>
b) abuse prevention and responsibility on case of illegal information
Mr X is an XXX he lives at Drowning Street YY <joe.doe at example.ntvtn.de>
However an email provider can exclude those ab-use-cases in their terms of
service with their users and hold them responsible in case of violation.
So it is still okay to use uids which are no email addresses or some uids with
more or other information. Just do not expect other services to carry this
information, do not fully trust them (just like you do not trust pubkeys by
default) and be prepared to take responsibility for the contents you are
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 659 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users