Re: moving user ID Comments to --expert mode

2011-02-08 Thread MFPA
Hi


On Monday 7 February 2011 at 5:37:11 AM, in
mid:4d4f8507.7010...@fifthhorseman.net, Daniel Kahn Gillmor wrote:


 Here are some legitimate User IDs that do not
 correspond to a single individual:

  * deb.torproject.org archive signing key
  * Debian Archive Automatic Signing Key (6.0/squeeze)
    ftpmas...@debian.org

 These are legitimate to my mind because they
 unambiguously identify an entity responsible for the
 key (despite the fact that the entity is not a single
 individual).  Note that the latter happens to be an RFC
 822-style e-mail address, but the former does not.  The
 e-mail address form is *not* relevant to the legitimacy
 of the User ID, other than its ability to disambiguate
 potentially-conflicting claims to the same name (e.g.
 there might be multiple John Smiths, but there is
 only one john.sm...@example.org if you subscribe to the
 global namespace described by DNS).

Does this ambiguity cause you to not consider the string John Smith
to be a legitimate User ID?



 Isn't the User ID simply the string which the user has
 chosen as an identifier for their key, which can be
 something more human-friendly than the key id?

 User ID is short for User Identifier.  The User ID is
 not only friendlier than the key ID -- it actually
 refers to something outside the cryptographic realm in
 which the key operates.

Or might be a name the user has given to the key itself to enable easy 
identification, for example there are many called Test Key.



 I thought the Key ID and the User ID both identified
 the key,

 As their name implies, the Key ID identifies the key,
 and the User ID identifies the User (or keyholder).

Does it actually _imply_ that, or does that merely fit the de facto
standard of User IDs containing real names (and usually email
addresses)? The terms Key ID and User ID also reflect one being
mathematically derived from the key material whereas the other is
chosen by the user.

-- 
Best regards

MFPA mailto:expires2...@ymail.com

Consistency is the last refuge of the unimaginative


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: moving user ID Comments to --expert mode

2011-02-08 Thread Robert J. Hansen
On 2/8/11 6:27 PM, MFPA wrote:
 Does this ambiguity cause you to not consider the string John Smith
 to be a legitimate User ID?

Let's stop talking about 'legitimate' user IDs, because there is no
authority that can determine for all users what are or are not
'legitimate' user IDs.  Each user/group gets to determine for themselves
what it means to be a 'legitimate' user ID.  This explosion of
authorities means this line of discussion is unlikely to be fruitful.

 As their name implies, the Key ID identifies the key,
 and the User ID identifies the User (or keyholder).
 
 Does it actually _imply_ that, or does that merely fit the de facto
 standard of User IDs containing real names (and usually email
 addresses)? The terms Key ID and User ID also reflect one being
 mathematically derived from the key material whereas the other is
 chosen by the user.

De facto standard.  There is no canonical authority on what a user ID
should be, or which ones are legitimate and which ones aren't.



Re: moving user ID Comments to --expert mode

2011-02-07 Thread Werner Koch
On Sun,  6 Feb 2011 20:46, d...@fifthhorseman.net said:

 The User ID is the most commonly-used way to *find* the key -- but it
 does not identify the key.  It identifies the user.  The fact that
 people are willing to cryptographically bind the User ID to the key (via

In OpenPGP parlance the term key is used as a synonym for the term
keyblock which in turn is the OpenPGP saying for a certificate.  To
refer to the actual key material (plus some meta information), we use
the term public key packet.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: moving user ID Comments to --expert mode

2011-02-07 Thread Daniel Kahn Gillmor
On 02/07/2011 03:07 AM, Werner Koch wrote:
 In OpenPGP parlance the term key is used as a synonym for the term
 keyblock which in turn is the OpenPGP saying for a certificate. 

While i think this terminology is unfortunate (how do we refer to the
key without any additional metadata attached?), i agree with you that
the use you describe is widespread.

The term OpenPGP Certificate seems significantly less ambiguous than
OpenPGP Key to me, which is why i try to use that term instead, but i
concede that the common usage intends to conflate the two concepts.

Anyway, the User ID still identifies the keyholder, not the key in
either sense of the term.

The analogous data in an X.509 certificate, the Subject field (or
SubjectAltName extensions), does not identify the certificate itself --
it identifies the subject of the certificate.

--dkg





Re: moving user ID Comments to --expert mode

2011-02-06 Thread Werner Koch
On Fri,  4 Feb 2011 16:51, d...@fifthhorseman.net said:

 Some translation changes might still be worth doing; I would like to see
 the example User ID lose the comment (including (Der Dichter) in an
 english prompt is not helpful), and i think the wording should also be

Fine with me, if we drop the comment prompt.

 adjusted, since the User ID does not identify the key -- it identifies
 the user.  But i'll happily pursue translation changes as a separate

I disagree.  It depends on what you understand as the user.  I assume
you mean the entity which has control over the secret key.  Often this
is not just one human but a group of people or some malware.  Thus the
User ID is still one way to identify the key and it is actually the most
commonly used to identify the key.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: moving user ID Comments to --expert mode

2011-02-06 Thread Daniel Kahn Gillmor
On 02/06/2011 02:08 PM, Werner Koch wrote:
 On Fri,  4 Feb 2011 16:51, d...@fifthhorseman.net said:
 
 Some translation changes might still be worth doing; I would like to see
 the example User ID lose the comment (including (Der Dichter) in an
 english prompt is not helpful), and i think the wording should also be
 
 Fine with me, if we drop the comment prompt.

great!

 adjusted, since the User ID does not identify the key -- it identifies
 the user.  But i'll happily pursue translation changes as a separate
 
 I disagree.  It depends on what you understand as the user.  I assume
 you mean the entity which has control over the secret key.

Yes, that's what i mean.

 Often this
 is not just one human but a group of people or some malware.

Yep, and those keys should probably be clearly marked.  Obviously, the
malware *won't* self-identify, but there are legitimate keys whose users
are not individual humans (like debian's archive signing key), and those
do have legitimate User IDs.

A User ID for such a key properly identifies the entity which has
control over the secret key.  It does not identify the key itself.

 Thus the
 User ID is still one way to identify the key and it is actually the most
 commonly used to identify the key.

The User ID is the most commonly-used way to *find* the key -- but it
does not identify the key.  It identifies the user.  The fact that
people are willing to cryptographically bind the User ID to the key (via
OpenPGP certifications, a.k.a. keysigning) is what identifies the key.

I realize these are subtle, nit-picky questions of language.
Nonetheless, i think they're important to get right.  OpenPGP can be a
confusing environment for people, and choosing words carefully for one
of the major implementations can help to reduce confusion and make the
path to adoption less difficult.

Regards,

--dkg





Re: moving user ID Comments to --expert mode

2011-02-06 Thread MFPA
Hi


On Sunday 6 February 2011 at 7:46:30 PM, in
mid:4d4efa96.9070...@fifthhorseman.net, Daniel Kahn Gillmor wrote:


 and those
 do have legitimate User IDs.

What's a legitimate User ID? My understanding is that, whilst the de
facto standard is a name and an email address, there is no compulsion
over what string to choose.



 The User ID is the most commonly-used way to *find* the
 key -- but it does not identify the key.  It identifies
 the user.

Isn't the User ID simply the string which the user has chosen as an
identifier for their key, which can be something more human-friendly
than the key id?



 The fact that people are willing to
 cryptographically bind the User ID to the key (via
 OpenPGP certifications, a.k.a. keysigning) is what
 identifies the key.

I thought the Key ID and the User ID both identified the key, the
certifications were an assertion from other people that the User ID
was consistent with the user's real-world identity, and that these
certifications in combination with the User ID identified the user.


-- 
Best regards

MFPA mailto:expires2...@ymail.com

Two rights do not make a wrong. They make an airplane.


Re: moving user ID Comments to --expert mode

2011-02-04 Thread Daniel Kahn Gillmor
On 02/04/2011 01:12 AM, Werner Koch wrote:
 Many might not know that
 there is a help feature for every input field:

Indeed, i had no idea that this was the case.  Thanks for the tip.

 but many more users are using a GUI for key generation and thus it is up
 to the GUI to preset the comment field.  For example GPA uses in
 non-advanced mode a wizard dialog for key generation and that one does
 not ask for comment.

Yep, fixing the GUIs is a separate task, and i agree it's a worthwhile
one.   I'll take it up with the GUIs i encounter.

 I don't have any strong feelings about this, however, here is my own
 proposal:
 
   GnuPG needs to construct a user ID to identify your key.
   
   Real name: d
   Email address: @
   You selected this USER-ID:
   d @
   
   Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? c
   Comment: test key
   You selected this USER-ID:
   d (test key) @
   
   Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? q

This change in behavior sounds reasonable to me.

 No expert option and no translation changes required,

Some translation changes might still be worth doing; I would like to see
the example User ID lose the comment (including (Der Dichter) in an
english prompt is not helpful), and i think the wording should also be
adjusted, since the User ID does not identify the key -- it identifies
the user.  But i'll happily pursue translation changes as a separate
topic if we can do away with the Comment prompt by default.

 The drawback is as with the --expert option:
 we will receive bug reports like I can't enter a comment anymore ;-).

i'm sure that's true :(  We can point them at this discussion, though.

Regards,

--dkg





Re: moving user ID Comments to --expert mode

2011-02-04 Thread Micah Anderson
Daniel Kahn Gillmor d...@fifthhorseman.net writes:

 I'd like to propose that GnuPG only prompt the user for a Comment for
 their User ID under --expert mode.

I totally agree with this proposal. If someone wants to add a comment,
they should be able to, but I believe that prompting for this on every
key generation is a user interface mistake.

micah




Re: moving user ID Comments to --expert mode

2011-02-04 Thread Ingo Klöcker
On Thursday 03 February 2011, Matthew James Goins wrote:
 Personally I've never seen a comment that helped me identify the
 owner of a key in a meaningful way.

In my keyring there are several keys where the comment contains the date 
of birth (and in some cases even the place of birth) of the owner of the 
key.


Regards,
Ingo




Re: moving user ID Comments to --expert mode

2011-02-04 Thread MFPA
Hi


On Thursday 3 February 2011 at 11:22:54 PM, in
mid:4d4b38ce.7080...@dougbarton.us, Doug Barton wrote:



 FWIW I would love to see the comment field moved to
 expert mode since it rather clearly qualifies under the
 If you don't already know that you need this, you
 don't need this category

IMHO, the comment field is firmly in the you don't need this at all
category. If Heinrich Heine really wants his UID to be
Heinrich Heine (Der Dichter) heinri...@duesseldorf.de he can
type Heinrich Heine (Der Dichter) in the name field and
heinri...@duesseldorf.de in the email address field.

-- 
Best regards

MFPA mailto:expires2...@ymail.com

Don't be silly, it's all make believe anyway


Re: moving user ID Comments to --expert mode

2011-02-04 Thread Jameson Rollins
On Fri, 4 Feb 2011 20:08:08 +, MFPA expires2...@ymail.com wrote:
 IMHO, the comment field is firmly in the you don't need this at all
 category. If Heinrich Heine really wants his UID to be
 Heinrich Heine (Der Dichter) heinri...@duesseldorf.de he can
 type Heinrich Heine (Der Dichter) in the name field and
 heinri...@duesseldorf.de in the email address field.

I *very* strongly agree with this sentiment.

jamie.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 3:59 PM, Daniel Kahn Gillmor wrote:
  * most people just need a simple identity-driven OpenPGP certificate,
 one that matches their name and e-mail address.

Whenever people talk about what most users need, I have to ask to see
the user survey that's showing this.  History has shown that technically
sophisticated users' ideas of what real users need tends to not
correlate very tightly with what real users say they need.

 If moving the Comment: prompt to --expert seems too radical, a more
 conservative proposal would be to change the prompt from:
 
  Comment:
 
 to:
 
  Comment (leave blank unless you are sure you need this and know what
 you are doing):
 
 or:
 
  Comment (most people should leave this blank):

Terse is beautiful.  I think something like

Comment (optional):

... would suffice, and would be a modest improvement on the current prompt.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Daniel Kahn Gillmor
On 02/03/2011 04:07 PM, Robert J. Hansen wrote:
 On 2/3/11 3:59 PM, Daniel Kahn Gillmor wrote:
  * most people just need a simple identity-driven OpenPGP certificate,
 one that matches their name and e-mail address.
 
 Whenever people talk about what most users need, I have to ask to see
 the user survey that's showing this.  History has shown that technically
 sophisticated users' ideas of what real users need tends to not
 correlate very tightly with what real users say they need.

my user survey is from several years of trying to personally help
dozens of people of all skill levels learn how to use OpenPGP for secure
messaging.  Regardless of the intelligence or technical savvy of the
people i've personally helped get more comfortable with OpenPGP, i
believe all of them have been baffled by the Comment: prompt.

If anyone thinks that removing this prompt would be a Bad Thing, I would
love to have a clearer explanation of the Comment prompt that i could
refer to when i try to de-baffle people in the future.

Looking through my keyring, i see many more useless comments (clutter)
than i see comments that might possibly be useful.

Of the comments in user IDs in my keyring that might possibly be useful,
most of them would be better communicated in some other way than as
assertions of their personal identity.

I invite you to look through the User IDs in your own keyring, from the
perspective of a potential certifier, and ask yourself what does it
mean for me to certify these comments?

 Terse is beautiful.  

Omitting the baffling prompt entirely would be the most terse, which is
what i propose.  Do you object to that?

 I think something like
 
 Comment (optional):
 
 ... would suffice, and would be a modest improvement on the current prompt.

Yes, that would be an improvement over the current situation.  i suspect
it will cause a non-negligible proportion of users to use the string
optional as their comment, but you can't win 'em all :(

--dkg





Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 4:30 PM, Daniel Kahn Gillmor wrote:
 my user survey is from several years of trying to personally help
 dozens of people of all skill levels learn how to use OpenPGP for secure
 messaging.  Regardless of the intelligence or technical savvy of the
 people i've personally helped get more comfortable with OpenPGP, i
 believe all of them have been baffled by the Comment: prompt.

I'm in a similar position to you, except this is my twentieth year of
helping people with PGP.  (I started way back in 1991, when PGP first
came out and was distributed friend-to-friend on floppy disks... five
and a quarter floppy disks.)

I have never seen anyone be baffled by the 'Comment:' prompt.  Some
people have asked, What should I type here?, and I usually explain,
nothing, just hit return, and they do.  Those who ask what the
Comment field means generally understand it very quickly.

The problem with using anecdotal evidence as opposed to surveys is
there's all different kinds of cognitive biases that go on inside the
mind of the person relating the anecdote.  With surveys, you can go back
to the original documents and say, User #4 said this: what do we think
about this user's remarks?

Ultimately, I think arguing from anecdote that we need to change the
comment prompt is unpersuasive.

 If anyone thinks that removing this prompt would be a Bad Thing, I would
 love to have a clearer explanation of the Comment prompt that i could
 refer to when i try to de-baffle people in the future.

Just like a user ID allows you to tell people your email address and
your real name, it also lets you put a note in there in case there's
anything else you really want people to know.  You can skip this: just
hit 'return.'

 I invite you to look through the User IDs in your own keyring, from the
 perspective of a potential certifier, and ask yourself what does it
 mean for me to certify these comments?

Zero.  Comments don't get certified.  All my signature means is I have
met this person face to face, have seen two forms of government
identification, have confirmed a fingerprint and exchanged an email at
that address.  There's nothing in my signature policy that addresses
comments, nothing at all.

 Omitting the baffling prompt entirely would be the most terse, which is
 what i propose.  Do you object to that?

Without a good basis, yes, I do.  If you change this prompt you will
also break a ton of scripts that expect this prompt.  Not only that, but
since key generation is a rare occurrence the breakage may occur months
or years after the change is made.  This isn't something to be done lightly.

 Yes, that would be an improvement over the current situation.  i suspect
 it will cause a non-negligible proportion of users to use the string
 optional as their comment, but you can't win 'em all :(

You can't prevent people from being gratuitously foolish idiots.  Some
people think they're tremendously clever by doing things like this, and
they'll continue to do it no matter how you change the user interface.
It is unwise to Fisher-Price the interface in the hopes of preventing
fools from being clever.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Jameson Rollins
On Thu, 03 Feb 2011 17:10:58 -0500, Robert J. Hansen r...@sixdemonbag.org 
wrote:
 On 2/3/11 4:30 PM, Daniel Kahn Gillmor wrote:
  my user survey is from several years of trying to personally help
  dozens of people of all skill levels learn how to use OpenPGP for secure
  messaging.  Regardless of the intelligence or technical savvy of the
  people i've personally helped get more comfortable with OpenPGP, i
  believe all of them have been baffled by the Comment: prompt.
 
 I'm in a similar position to you, except this is my twentieth year of
 helping people with PGP.  (I started way back in 1991, when PGP first
 came out and was distributed friend-to-friend on floppy disks... five
 and a quarter floppy disks.)
 
 I have never seen anyone be baffled by the 'Comment:' prompt.  Some
 people have asked, What should I type here?, and I usually explain,
 nothing, just hit return, and they do.  Those who ask what the
 Comment field means generally understand it very quickly.

I have to agree with Daniel that I have in fact honestly never spoken to
anyone who was *not* confused by that field.  I can't ever remember
seeing a comment field used in any way that made sense to me.

  I invite you to look through the User IDs in your own keyring, from the
  perspective of a potential certifier, and ask yourself what does it
  mean for me to certify these comments?
 
 Zero.  Comments don't get certified.  All my signature means is I have
 met this person face to face, have seen two forms of government
 identification, have confirmed a fingerprint and exchanged an email at
 that address.  There's nothing in my signature policy that addresses
 comments, nothing at all.

I'm not sure I understand this comment.  Certifications are over user
IDs.  The comments are in the user IDs.  By certifying the full user ID
you are also certifying the comment.

  Omitting the baffling prompt entirely would be the most terse, which is
  what i propose.  Do you object to that?
 
 Without a good basis, yes, I do.  If you change this prompt you will
 also break a ton of scripts that expect this prompt.  Not only that, but
 since key generation is a rare occurrence the breakage may occur months
 or years after the change is made.  This isn't something to be done lightly.

I think this is why his original suggestion was to move it instead to
--expert.  Moving it to --expert makes a lot of sense to me.

jamie.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Dirk Walter
I like the idea of adding the (Optional) to the prompt because I'm a
big fan of optional fields being marked as such. This is a simple and
elegant fix to an issue.

And I'd hesitate to move it to expert since we have been (ab)using the
comment field for our keys, then again this is being used by sysadmins
who should know what they are doing, so moving it to expert mode
shouldn't be too bad... but what should be is not the same as what is.

On Thu, Feb 3, 2011 at 4:07 PM, Robert J. Hansen r...@sixdemonbag.org wrote:
 On 2/3/11 3:59 PM, Daniel Kahn Gillmor wrote:
  * most people just need a simple identity-driven OpenPGP certificate,
 one that matches their name and e-mail address.

 Whenever people talk about what most users need, I have to ask to see
 the user survey that's showing this.  History has shown that technically
 sophisticated users' ideas of what real users need tends to not
 correlate very tightly with what real users say they need.

 If moving the Comment: prompt to --expert seems too radical, a more
 conservative proposal would be to change the prompt from:

  Comment:

 to:

  Comment (leave blank unless you are sure you need this and know what
 you are doing):

 or:

  Comment (most people should leave this blank):

 Terse is beautiful.  I think something like

 Comment (optional):

 ... would suffice, and would be a modest improvement on the current prompt.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Jerry
On Thu, 03 Feb 2011 16:30:00 -0500
Daniel Kahn Gillmor d...@fifthhorseman.net articulated:

 On 02/03/2011 04:07 PM, Robert J. Hansen wrote:
  On 2/3/11 3:59 PM, Daniel Kahn Gillmor wrote:
   * most people just need a simple identity-driven OpenPGP
  certificate, one that matches their name and e-mail address.
  
  Whenever people talk about what most users need, I have to ask to
  see the user survey that's showing this.  History has shown that
  technically sophisticated users' ideas of what real users need
  tends to not correlate very tightly with what real users say they
  need.
 
 my user survey is from several years of trying to personally help
 dozens of people of all skill levels learn how to use OpenPGP for
 secure messaging.  Regardless of the intelligence or technical savvy
 of the people i've personally helped get more comfortable with
 OpenPGP, i believe all of them have been baffled by the Comment:
 prompt.

Statistically speaking, a few dozen users is not very meaningful.
Furthermore, did you have a test group to compare these results
against? In addition, did anyone who claimed to be knowledgeable with
the concepts of PGP ask you for assistance? Probably not, which causes
your statistical analyses to be in error. It reminds me of the famous
Coca-Cola debacle in the 80's. Their analysis was so flawed that
they eventually fired everyone involved in the fiasco, not to mention
the fact that they lost millions of dollars.

In any case, statistics can be made to represent anything you
want them to. If 5% of a group suffers from constipation does that mean
the remaining 95% enjoys it?

-- 
Jerry ✌
gnupg.u...@seibercom.net
_
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

Q:  What is the difference between Texas and yogurt?
A:  Yogurt has culture.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Daniel Kahn Gillmor
On 02/03/2011 05:22 PM, Jameson Rollins wrote:
 On Thu, 03 Feb 2011 17:10:58 -0500, Robert J. Hansen r...@sixdemonbag.org 
 wrote:
 Zero.  Comments don't get certified.  All my signature means is I have
 met this person face to face, have seen two forms of government
 identification, have confirmed a fingerprint and exchanged an email at
 that address.  There's nothing in my signature policy that addresses
 comments, nothing at all.
 
 I'm not sure I understand this comment.  Certifications are over user
 IDs.  The comments are in the user IDs.  By certifying the full user ID
 you are also certifying the comment.

Just to clarify this point:

If i meet Robert in person, show him my gov't IDs, my fingerprint, and
we exchange e-mails, Robert would probably be fine certifying this User ID:

 Daniel Kahn Gillmor d...@fifthhorseman.net

But i suspect he would not want to certify this User ID:

 Daniel Kahn Gillmor (I am really Robert Hansen) d...@fifthhorseman.net

And he would be right to avoid certifying it.

--dkg
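
An added example (not part of the original thread and not GnuPG's code) of which bytes an OpenPGP v4 certification signature hashes under RFC 4880 section 5.2.4, using the two User IDs from the message above and the Heinrich Heine case from earlier in the thread. The `example.org` addresses, the key body and the function names are constructed for illustration, and the hashed subpacket area is left empty, which a real signature would not do.

```python
import hashlib
import re
import struct

# GnuPG's conventional layout is "Real Name (Comment) <email>"; to OpenPGP
# the User ID is a single opaque UTF-8 string.
_UID_RE = re.compile(
    r"^(?P<name>[^(<]*?)\s*(?:\((?P<comment>[^)]*)\))?\s*(?:<(?P<email>[^>]*)>)?$"
)

# Constructed v4 public-key packet body (version, creation time, RSA, two
# dummy MPIs). It is not a usable key; it only gives the hash realistic input.
CONSTRUCTED_KEY_BODY = (
    b"\x04" + struct.pack(">I", 1296691200) + b"\x01"
    + b"\x00\x80" + b"\xab" * 16      # MPI n: 128 bits
    + b"\x00\x11\x01\x00\x01"         # MPI e: 65537
)


def build_user_id(name, comment=None, email=None):
    """Join the three prompt fields into one User ID string."""
    parts = [name]
    if comment:
        parts.append(f"({comment})")
    if email:
        parts.append(f"<{email}>")
    return " ".join(parts)


def split_user_id(uid):
    """Best-effort split into (name, comment, email); missing parts are None."""
    m = _UID_RE.match(uid)
    if m is None:            # free-form string: treat it all as the name
        return (uid, None, None)
    return (m.group("name") or None, m.group("comment"), m.group("email"))


def certification_hash_input(key_body, user_id, sig_type=0x13,
                             pk_algo=1, hash_algo=8, hashed_subpackets=b""):
    """Bytes a v4 certification signature hashes (RFC 4880, section 5.2.4)."""
    uid = user_id.encode("utf-8")
    sig_head = (bytes([4, sig_type, pk_algo, hash_algo])
                + struct.pack(">H", len(hashed_subpackets)) + hashed_subpackets)
    return (
        b"\x99" + struct.pack(">H", len(key_body)) + key_body   # primary key
        + b"\xb4" + struct.pack(">I", len(uid)) + uid           # whole User ID
        + sig_head                                              # hashed sig fields
        + b"\x04\xff" + struct.pack(">I", len(sig_head))        # v4 trailer
    )


def certification_digest(key_body, user_id, **kwargs):
    """SHA-256 over the certification hash input, as hex."""
    return hashlib.sha256(
        certification_hash_input(key_body, user_id, **kwargs)).hexdigest()


if __name__ == "__main__":
    plain = build_user_id("Daniel Kahn Gillmor", email="dkg@example.org")
    odd = build_user_id("Daniel Kahn Gillmor", "I am really Robert Hansen",
                        "dkg@example.org")
    for uid in (plain, odd):
        print(split_user_id(uid))
        print("   digest:", certification_digest(CONSTRUCTED_KEY_BODY, uid))

    # Typing the parenthesised text into the name field yields the same
    # bytes, so the packet carries no separate "comment" field.
    via_name = build_user_id("Heinrich Heine (Der Dichter)",
                             email="heine@example.org")
    via_comment = build_user_id("Heinrich Heine", "Der Dichter",
                                "heine@example.org")
    print(via_name == via_comment)
```

The User ID enters the hash as one length-prefixed byte string, so the format has no way to sign the name and address while leaving the parenthesised part out; what a certifier means by the signature is a separate matter of policy.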





Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 5:47 PM, Daniel Kahn Gillmor wrote:
 By certifying the full user ID you are also certifying the comment.

This is not how either OpenPGP or GnuPG work.

Certifiers get to define what their certifications mean.  Bang, period,
end of sentence.  There are *no* certification semantics in OpenPGP:
there is only a rich and comprehensive set of syntactic primitives.
It's true that, say, a persona-level signature is different
syntactically than an I-have-done-extensive-checking signature: but
OpenPGP quite wisely says *nothing* about the level of checking which
goes into each signature level.

If you see a certification and you assume you know what the certifier
intends, then you are living in sin.  Ask the certifier for their
policy: that's the only way to know.  Some people will make
certifications willy-nilly (well, I've traded emails with the guy a few
times...).  Some will make certifications only very carefully.  Some
will make totally unreasonable certifications because they don't know
any better, and some will not make reasonable certifications because
they have an abundance of paranoia.  Unless you ask the certifier, *you
do not, and cannot, know*.

By certifying the full user ID, I am making a statement that is derived
from my own local certification policy.  That's all.  Nothing else.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Hauke Laging
On Thursday 03 February 2011 23:22:38, Jameson Rollins wrote:

 I think this is why his original suggestion was to move it instead to
 --expert.  Moving it to --expert makes a lot of sense to me.

Perhaps it makes sense to extend the output of --gen-key by a hint like 
Additional features are enabled by the option --expert. Have a look at the 
documentation.

This is independent of this discussion, though. It took me several years to 
notice this option... ;-)


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Doug Barton

On 02/03/2011 15:16, Hauke Laging wrote:

 On Thursday 03 February 2011 23:22:38, Jameson Rollins wrote:

  I think this is why his original suggestion was to move it instead to
  --expert.  Moving it to --expert makes a lot of sense to me.

 Perhaps it makes sense to extend the output of --gen-key by a hint like
 "Additional features are enabled by the option --expert. Have a look at the
 documentation."

 This is independent of this discussion, though. It took me several years to
 notice this option... ;-)


That's part of the test. Congratulations on your passing grade. :)


--

Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Doug Barton

On 02/03/2011 14:22, Jameson Rollins wrote:

 I have to agree with Daniel that I have in fact honestly never spoken to
 anyone who was *not* confused by that field.  I can't ever remember
 seeing a comment field used in any way that made sense to me.

I'm as pedantic as the next geeky dev, but I agree with this, and
believe that arguing from example is perfectly valid in this case.

FWIW I would love to see the comment field moved to expert mode since it
rather clearly qualifies under the "If you don't already know that you
need this, you don't need this" category that --expert is designed to
protect the casual user from. I think "(Optional)" would be an Ok
compromise if that's what the gnupg devs think is right, although
something closer to "(You probably don't want to type anything here, no,
really, don't do it)" would be better. :)



Doug

--

Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/




Re: moving user ID Comments to --expert mode

2011-02-03 Thread David Shaw
On Feb 3, 2011, at 5:10 PM, Robert J. Hansen wrote:

  I invite you to look through the User IDs in your own keyring, from the
  perspective of a potential certifier, and ask yourself "what does it
  mean for me to certify these comments?"
 
 Zero.  Comments don't get certified.  All my signature means is "I have
 met this person face to face, have seen two forms of government
 identification, have confirmed a fingerprint and exchanged an email at
 that address."  There's nothing in my signature policy that addresses
 comments, nothing at all.

I'm afraid I'm not parsing your point here.  Comments are part of the user ID 
field.  When you make a certification, they are included in the hash.  You 
can't sign part of a user ID.

Are you saying that you don't sign things with comments?  ("Comments don't get
certified").

Or are you arguing the *meaning* of the certification (you may or may not sign 
the user ID, but if you did sign it, the comment part should be considered null 
and void in terms of your particular certification)?

Or something else?

  Omitting the baffling prompt entirely would be the most terse, which is
  what i propose.  Do you object to that?
 
 Without a good basis, yes, I do.  If you change this prompt you will
 also break a ton of scripts that expect this prompt.  Not only that, but
 since key generation is a rare occurrence the breakage may occur months
 or years after the change is made.  This isn't something to be done lightly.

I suppose I don't really have particularly strong feelings about whether 
comment is put under --expert or not, but either way this argument is not a 
good one.  We have made many changes to the keygen prompts over time, and no 
doubt will continue to do so in the future.  The only scriptable interface for 
key generation in GPG is --batch --key-gen, and it is documented as such.

David
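
The point made in the message above, that the comment sits inside the user ID and is therefore covered by the certification hash, shown as an added example (it is not part of the original thread and is not GnuPG's code). It builds the octets a version 4 certification hashes as laid out in RFC 4880 section 5.2.4; the key body, timestamps and user IDs are constructed placeholders.

```python
import hashlib
import struct

# Constructed placeholder for a v4 public-key packet body: version,
# creation time, algorithm 1 (RSA), then dummy bytes. Not a real key.
CONSTRUCTED_KEY_BODY = (bytes([4]) + struct.pack(">I", 1296700000)
                        + bytes([1]) + b"\x00" * 32)

# Constructed hashed subpacket area: one signature-creation-time
# subpacket (length 5, type 2, 4-octet timestamp).
CONSTRUCTED_HASHED_SUBPACKETS = bytes([5, 2]) + struct.pack(">I", 1296777600)

# Certification signature types and algorithm IDs from RFC 4880.
GENERIC_CERT, PERSONA_CERT, POSITIVE_CERT = 0x10, 0x11, 0x13
PUBALGO_RSA, HASHALGO_SHA256 = 1, 8


def certification_input(key_body, user_id, sig_type=GENERIC_CERT,
                        hashed_subpackets=CONSTRUCTED_HASHED_SUBPACKETS):
    """Return the octets that a v4 certification signature hashes."""
    uid = user_id.encode("utf-8")
    key_part = b"\x99" + struct.pack(">H", len(key_body)) + key_body
    # The whole user ID string goes in: name, (comment) and <email> alike.
    # There is no field boundary a signer could use to leave the comment out.
    uid_part = b"\xb4" + struct.pack(">I", len(uid)) + uid
    sig_part = (bytes([4, sig_type, PUBALGO_RSA, HASHALGO_SHA256])
                + struct.pack(">H", len(hashed_subpackets))
                + hashed_subpackets)
    trailer = b"\x04\xff" + struct.pack(">I", len(sig_part))
    return key_part + uid_part + sig_part + trailer


def certification_digest(key_body, user_id, sig_type=GENERIC_CERT):
    """SHA-256 over the certification input, as a hex string."""
    data = certification_input(key_body, user_id, sig_type)
    return hashlib.sha256(data).hexdigest()


def differing_octets(a, b):
    """Count positions at which two equal-length byte strings differ."""
    return sum(x != y for x, y in zip(a, b))


if __name__ == "__main__":
    # Constructed user IDs, identical except for the comment.
    with_comment = "Alice Example (test key) <alice@example.org>"
    without_comment = "Alice Example <alice@example.org>"
    for uid in (with_comment, without_comment):
        print(certification_digest(CONSTRUCTED_KEY_BODY, uid), uid)
    # The certification level is a single octet of syntax in the hashed
    # data; nothing in it records what checking the certifier did.
    persona = certification_input(CONSTRUCTED_KEY_BODY, with_comment, PERSONA_CERT)
    positive = certification_input(CONSTRUCTED_KEY_BODY, with_comment, POSITIVE_CERT)
    print("octets differing between levels:", differing_octets(persona, positive))
```

A certification made over one of these strings does not verify against the other, which is why a signer's view that the comment is "null and void" lives in their policy and not in the signature.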




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 6:30 PM, David Shaw wrote:
 Or are you arguing the *meaning* of the certification (you may or may
 not sign the user ID, but if you did sign it, the comment part should
 be considered null and void in terms of your particular
 certification)?

This.  I may agree with the comment, I may disagree with it, but either
way I am not vouching for it.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Jameson Rollins
On Thu, 03 Feb 2011 17:54:39 -0500, Robert J. Hansen r...@sixdemonbag.org 
wrote:
  But i suspect he would not want to certify this User ID:
  
   Daniel Kahn Gillmor (I am really Robert Hansen) d...@fifthhorseman.net
 
 Correct.  Because the presence of my signature means something.  The
 *absence* means *nothing at all*, and you're smart enough to know that.

Just out of curiosity, can you explain why you wouldn't sign dkg's
hypothetical user ID?

jamie.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 6:09 PM, Jameson Rollins wrote:
 Just out of curiosity, can you explain why you wouldn't sign dkg's
 hypothetical user ID?

Because with a comment like that, my impression would be that he was
aiming to deliberately yank my chain: and why should I put up with that?

To use that as an example, and to simultaneously lose sight of the "you
know, I'm kind of being a jerk here, and why should he do me a favor by
making a certification if I'm being a jerk to him?" factor, is to reduce
humanity to automation.  It implicitly says, "you must do this, because
to be otherwise is illogical."

I demand logic in technical matters.  In social matters, I embrace my
humanity, which is to say my right to be inconsistent.  I heartily
recommend this course of living to everyone.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Matthew James Goins
On Thu, Feb 03, 2011 at 04:07:40PM -0500, Robert J. Hansen wrote:
 Whenever people talk about what most users need, I have to ask to see
 the user survey that's showing this.

I don't think it matters what the real numbers are. We've all seen user
ids with utterly unhelpful comments, and it stands to reason that some
fraction of them were put in place because novice users felt obligated
to include a comment. The first time I used gnupg this is exactly what I
did, as evident in my old keys on the keyservers.

Personally I've never seen a comment that helped me identify the owner
of a key in a meaningful way.

So since it occasionally causes silliness, and rarely or never to my
knowledge helps, I would go so far as to say that use of comments should
be strongly discouraged.

--mjgoins





Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 5:32 PM, Matthew James Goins wrote:
 Personally I've never seen a comment that helped me identify the owner
 of a key in a meaningful way.

The problem with anecdote is everyone's anecdote is different.  As a ham
radio operator (KC0SJE), I have a fair number of keys that have comments
of "Amateur radio: KC0SJE".  (A former cert of mine had "Amateur Radio"
tagged on my kc0sje@my.domain address, for instance.)  And yes, I do
find it helpful to have someone's ham call on their key: when I'm
sending a contact report to someone, it's nice to be able to grep
through my keyring looking for their call sign and get the email address
it should go to.

The user community is huge.  Just because you don't see it doesn't mean
other people don't use it.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 8:17 PM, Doug Barton wrote:
 So, you're saying that hams are not smart enough to figure out how to
 use expert mode if they really want this functionality? :)

You're moving the goalposts.  That was responding to someone who denied
the usefulness of comments at all.  If I'm establishing there are
communities who use comments, and these communities often exist under
the radar of list members, then it's disingenuous to say "but they can
just use expert mode."

Whether it should be in normal mode or expert mode is a completely
different question from whether there exist a significant number of
users who find the comment field useful.

As long as we're moving things into expert mode, I'd like to see all
non-default options moved into expert mode, including key lengths.  I've
never seen anyone outside of the intelligence community who had a need
for a 4096-bit key: why do we support generating them?  I've seen people
screw up expiration dates more often than I've seen them use expiration
dates as part of a sane, rational security policy: why is this option
part of the default, why isn't setting an expiration date reserved for
expert users?  Etc., etc.

If you open up the "well, I think it ought to be in expert mode," there
are a lot of other things that ought to be moved over there first.



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Doug Barton

On 02/03/2011 17:23, Robert J. Hansen wrote:

 On 2/3/11 8:17 PM, Doug Barton wrote:

  So, you're saying that hams are not smart enough to figure out how to
  use expert mode if they really want this functionality? :)

 You're moving the goalposts.  That was responding to someone who denied
 the usefulness of comments at all.  If I'm establishing there are
 communities who use comments, and these communities often exist under
 the radar of list members,

I don't disagree with anything above, but

 then it's disingenuous to say "but they can just use expert mode."

Why? Restating my argument in a more serious fashion:

1. There are very few people who usefully benefit from comments
2. Most novice users who add a comment do so badly
3. Therefore moving the option to expert mode is a win for the community.

 Whether it should be in normal mode or expert mode is a completely
 different question from whether there exist a significant number of
 users who find the comment field useful.

I actually disagree with this as stated, although I will grant you that
point 2 above is included in the overall issue. :)

 As long as we're moving things into expert mode, I'd like to see all
 non-default options moved into expert mode, including key lengths.  I've
 never seen anyone outside of the intelligence community who had a need
 for a 4096-bit key: why do we support generating them?  I've seen people
 screw up expiration dates more often than I've seen them use expiration
 dates as part of a sane, rational security policy: why is this option
 part of the default, why isn't setting an expiration date reserved for
 expert users?  Etc., etc.

That all sounds good to me.


Doug (seriously)

--

Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Doug Barton

On 02/03/2011 17:10, Robert J. Hansen wrote:

 On 2/3/11 5:32 PM, Matthew James Goins wrote:

  Personally I've never seen a comment that helped me identify the owner
  of a key in a meaningful way.

 The problem with anecdote is everyone's anecdote is different.  As a ham
 radio operator (KC0SJE), I have a fair number of keys that have comments
 of "Amateur radio: KC0SJE".


So, you're saying that hams are not smart enough to figure out how to 
use expert mode if they really want this functionality? :)



Doug


--

Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/3/11 8:36 PM, Doug Barton wrote:
  then it's disingenuous to say "but they can just use expert mode."
 
 Why?

Because it does not recognize the validity of a well-answered question.
When a question is asked and answered, it is good form to recognize the
answer, rather than say "... well, but!"  Moving the goalposts, in
addition to being a logical fallacy, tends to persuade people that
you're not really interested in the answer.


... E.g., "Lee Harvey Oswald didn't kill Jack Kennedy!  The shots
weren't fired from the Texas Book Depository."  "Well, in point of fact,
his co-workers saw him going up to the floor where he fired from, and a
lifelong hunter co-worker of his was exactly one floor below and heard
the gunshots, the shooter working the bolt of the rifle, and the brass
ejecting on the floor."  "But there's no way any human being could fire
those shots that quickly and accurately!  That's the work of a military
sniper, not a deranged gunman!  Oswald couldn't have been the shooter!"
"Well, now you're moving the goalposts: but, while we're talking about
it, the Warren Commission was able to find an Army specialist[*] who was
able to not only fire faster than that, but with better accuracy."  "But
what about the grassy knoll and the fourth gunshot?!" ... "Listen, you're
not really interested in having a discussion about this, are you?  For
every claim of yours that gets refuted, you just move the goalposts
somewhere else.  I'm done talking: it doesn't matter what answer I give,
you're going to keep subscribing to these ridiculous and refuted
conspiracy theories."



[*] Non-Americans: 'specialist' is a rank in the United States Army,
just barely above a raw recruit.  Instead of being a "specialist
shooter," as you might think from the phrase "Army specialist," it
really means, "the Warren Commission found a young soldier who was
barely able to tie his own shoes without a sergeant's help, and even
*he* was able to do a better job than Oswald."



Re: moving user ID Comments to --expert mode

2011-02-03 Thread Faramir
On 03-02-2011 22:17, Doug Barton wrote:
 On 02/03/2011 17:10, Robert J. Hansen wrote:
...
  The problem with anecdote is everyone's anecdote is different.  As a ham
  radio operator (KC0SJE), I have a fair number of keys that have comments
  of "Amateur radio: KC0SJE".
 
 So, you're saying that hams are not smart enough to figure out how to
 use expert mode if they really want this functionality? :)

  Guys, it is just a comment field, is it so hard to ignore comments
that are meaningless to you? Maybe they have some meaning to someone else.

  Personally, I'm tired of saying "ok, where did they put that thing I
used to use, and that was so easy to find in the previous version?".

  Best Regards


Re: moving user ID Comments to --expert mode

2011-02-03 Thread Werner Koch
On Thu,  3 Feb 2011 21:59, d...@fifthhorseman.net said:

  * new users see the prompt and think they need to enter something
 there, without understanding why or what to put there.  This leads to
 people either making a witticism (e.g. "No Comment"), repeating their

I have only seen a few of these comments; thus I don't think it is a
real problem.  I use the comment field mainly to indicate a test key
and I have seen other sensible usages as well.  Many might not know that
there is a help feature for every input field:

  GnuPG needs to construct a user ID to identify your key.
  
  Real name: d
  Email address: @
  Comment: ?
  Please enter an optional comment.
  The characters ( and ) are not allowed.
  In general there is no need for a comment.
  Comment: 

but many more users are using a GUI for key generation and thus it is up
to the GUI to preset the comment field.  For example GPA uses in
non-advanced mode a wizard dialog for key generation and that one does
not ask for comment.

I don't have any strong feelings about this, however, here is my own
proposal:

  GnuPG needs to construct a user ID to identify your key.
  
  Real name: d
  Email address: @
  You selected this USER-ID:
  d @
  
  Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? c
  Comment: test key
  You selected this USER-ID:
  d (test key) @
  
  Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? q

No expert option and no translation changes required, just one more key
stroke to enter a comment.  The drawback is as with the --expert option:
we will receive bug reports like "I can't enter a comment anymore" ;-).


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Doug Barton

On 02/03/2011 17:52, Robert J. Hansen wrote:

 On 2/3/11 8:36 PM, Doug Barton wrote:

   then it's disingenuous to say "but they can just use expert mode."

  Why?

 Because it does not recognize the validity of a well-answered question.

I recognized it, but I don't think the answer is as central to the
question of moving comments to expert mode as you do. Daniel's argument
boils down to "almost everyone who uses a comment doesn't need to, and
most of the ones who do use them poorly." Your counter argument boils
down to, "yeah, but here is a group of people who use comments well." I
gave a tongue-in-cheek response, but the kernel of it was (IMO) pertinent.



Doug

--

Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/




Re: moving user ID Comments to --expert mode

2011-02-03 Thread Robert J. Hansen
On 2/4/11 2:16 AM, Doug Barton wrote:
 I recognized it, but I don't think the answer is as central to the
 question of moving comments to expert mode as you do. Daniel's argument
 boils down...

I wasn't responding to Daniel.  I was responding to Matt Goins, as was
shown in my message, who said he had never seen any comment that helped
him identify the owner of a key in a meaningful way.

To that statement, pointing out the ham radio community's use of comment
fields to store license numbers is on point.  Moving the goalposts to,
"but ham operators can still set comment fields with --expert," is not.
