David Shaw wrote:
> Some people (myself included) check both before signing.  The name via
> some sort of formal ID, and the email via a mail challenge.

As do I, at least for a level 3 signature.

> Still, if you don't want to bind both tokens together, just create a
> user ID of <[EMAIL PROTECTED]> without the name attached or a user
> ID of "Alex Maurer" without the email address attached.

I understand that it's possible to do this. I was just lamenting the fact that it is very strongly discouraged by GnuPG:

  Real name:
  Name must be at least 5 characters long

> Some people
> will not sign such a user ID though,

I don't understand why. If you trust the association of the Name and key, how/why would having an email address in there as well improve the trust?

> and at least the name-only one is
> of questionable usefulness in practice.

If it's of questionable usefulness, then having the name there at all is of questionable usefulness, and so is the verification of documents. Theoretically, the point of a physical meeting is:
* Physical person linked by photo ID to name.
* Name linked to key by the key field "Real Name".
? Possibly physical person linked to photo UID by appearance.
Any verification of the email is a totally independent operation, linking the email address and the key, but not the name with the email address. Why should the signature connect them?

I could make a conventionally-UIDed new key with a friend's name and a new email address, and he could meet with you and you could verify all his official documents, but it would prove nothing about the email address. Then you could verify the email address with your challenge method of choice, and it would confirm that the recipient of the mail could use the key. The end result would be a key that had an invalid association between the name and the email address.

Not that this cannot be done even if the name and email address are separate entities, but at least it becomes more obvious. And UIDs wouldn't have to contain every combination of name and email address.

Anyway, the point of this rather long-winded bit is that it should be possible to only sign the email if that's all that has been verified, or only sign the name if that's all that's been verified.

-Alex Mauer "hawke"
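The per-UID certifications argued for above are visible in GnuPG's machine-readable listing. The following is an added example, not part of the thread: it parses constructed `gpg --with-colons --check-sigs` output for a key that carries a name-only UID and an email-only UID, and reports which signer certified which UID at which level. All key IDs, fingerprints and addresses are placeholders.

```python
"""Report per-user-ID certifications from `gpg --with-colons --check-sigs`."""

# Constructed sample output (placeholder key IDs/fingerprints, not real keys):
# one key with two separate UIDs, "Alex Mauer" and "<alex@example.invalid>".
# Colon fields used: 1 record type, 2 check result ("!" = good signature),
# 5 key ID, 10 user ID (for sig records: the signer's), 11 signature class
# ("13x" = class 0x13, exportable; "l" would mean local-only).
SAMPLE = """\
pub:u:3072:1:AAAAAAAAAAAAAAAA:1600000000:::u:::scESC::::::23::0:
fpr:::::::::0000000000000000000000000000AAAAAAAAAAAAAAAA:
uid:u::::1600000000::HASH1::Alex Mauer::::::::::0:
sig:!::1:AAAAAAAAAAAAAAAA:1600000000::::Alex Mauer:13x::0000000000000000000000000000AAAAAAAAAAAAAAAA:::8:
sig:!::1:BBBBBBBBBBBBBBBB:1600000100::::Signer One <one@example.invalid>:13x::0000000000000000000000000000BBBBBBBBBBBBBBBB:::8:
uid:u::::1600000000::HASH2::<alex@example.invalid>::::::::::0:
sig:!::1:AAAAAAAAAAAAAAAA:1600000000::::<alex@example.invalid>:13x::0000000000000000000000000000AAAAAAAAAAAAAAAA:::8:
sig:!::1:CCCCCCCCCCCCCCCC:1600000200::::Signer Two <two@example.invalid>:11x::0000000000000000000000000000CCCCCCCCCCCCCCCC:::8:
"""

# OpenPGP certification classes 0x10..0x13 map to GnuPG "cert levels" 0..3.
CERT_LEVEL = {"10": 0, "11": 1, "12": 2, "13": 3}


def certifications(colons: str) -> dict:
    """Map each user ID to a list of third-party certifications as
    (signer key ID, level, exportable). Self-signatures are excluded,
    as are signatures gpg reported as bad, unknown or erroneous."""
    primary, current_uid, result = None, None, {}
    for line in colons.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            primary = f[4]
        elif f[0] == "uid":
            current_uid = f[9]
            result[current_uid] = []
        elif f[0] == "sig" and current_uid is not None:
            sig_class, flag = f[10][:2], f[10][2:]
            if sig_class not in CERT_LEVEL or f[4] == primary or f[1] not in ("!", ""):
                continue  # not a UID certification, a self-sig, or not a good signature
            result[current_uid].append((f[4], CERT_LEVEL[sig_class], flag == "x"))
    return result


def certified_by(colons: str, signer_keyid: str, min_level: int = 0) -> list:
    """User IDs that signer_keyid certified at or above min_level."""
    return sorted(uid for uid, certs in certifications(colons).items()
                  if any(k == signer_keyid and lvl >= min_level for k, lvl, _ in certs))


if __name__ == "__main__":
    for uid, certs in certifications(SAMPLE).items():
        print(f"{uid!r}: {certs}")
```

In the sample, Signer One has made a level 3 certification of the name UID only, while Signer Two has made a level 1 certification of the email UID only; neither has asserted anything about the name/email association.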


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
