User id's without person's name, only email
andrewg at andrewg.com
Wed Nov 17 18:11:30 CET 2021
On 17/11/2021 14:40, Teemu Likonen wrote:
> 2. Second "address book" is my OpenPGP keyring. It groups persons'
> names, their email and other key data. If many keys don't have name
> in their user id it could be inconvenience. Computer programs can
> find keys but often we need also manual "gpg -k" etc. Real names
> help there.
It may sound like a nerdy quibble, but it's a fundamental weakness.
Mapping a "Real Name" to an email address is a conceptually different
thing from mapping an email address to a public key. Conflating the two
introduces confusion about what exactly is being verified by the
cryptographic toolchain. If an MUA's address book is not sufficiently
user-friendly, then that's a user interface shortcoming that can't be
fixed by introducing RFC-822 "Real Names", which were highly
questionable long before email encryption was invented...
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users