My policy is, when I'm certain that the person holding the key is the person I expect to be holding the key, I don't have a problem signing. Possibly they have identification proving that to me. Or possibly I've communicated and interacted with them enough to remove all doubt. It is the latter case where I will sign pseudonymous keys.
Trust is a vital component to a public key signature chain; without it, there is simply no way to guard against spoofing attacks. Anonymity is not a vital component to public key encryption. In fact, I'm convinced that it's impossible to have anonymity using public keys without a "leap of faith." The whole point of key-signing is that you're verifying that you do know the provenance of the data signed or encrypted by that key. Anonymity is the opposite of that. If you want anonymity, then you don't want public key encryption. They are not compatible. However, you can provide anonymity using a public key if everyone agrees to be an anonymous data relay. This is basically stacking another technology on top of public key encryption. Essentially that's the overall idea of Retroshare's file sharing. You don't have to trust every person in the transfer chain. But you do have to trust each and every person you directly connect to. Otherwise, you gain no security from the system. So I might sign a pseudonymous key, but I'd have to know personally the owner, AND the owner's connection to the pseudonym. That's my two cents.
_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
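As an added example (not from the post above, nor FreedomBox or Retroshare code), the following toy evaluator models the GnuPG-style web of trust the post is talking about: a key becomes valid only through certifications from keys the user has personally assigned owner trust to, so a pseudonymous key certified by a perfectly valid key that carries no owner trust still gains nothing. All key names, the keyring and the trust assignments are constructed for the demo.

```python
from dataclasses import dataclass, field

FULL, MARGINAL, NONE = "full", "marginal", "none"
MARGINALS_NEEDED = 3          # GnuPG's default for --marginals-needed

@dataclass
class Key:
    keyid: str
    signers: set = field(default_factory=set)   # key ids that certified this key

def key_validity(target, keyring, ownertrust, my_keyid, _seen=frozenset()):
    """Return 'valid', 'marginal' or 'unknown' for target.
    Valid if it is my own key, is certified by a key I fully trust, or by at
    least MARGINALS_NEEDED keys I marginally trust.  A certification counts
    only if the certifier's key is itself valid, so every link in the chain
    still rests on the keys I personally trust."""
    if target.keyid == my_keyid:
        return "valid"
    if target.keyid in _seen:            # break A<->B certification cycles
        return "unknown"
    seen = _seen | {target.keyid}
    full = marginal = 0
    for sid in target.signers:
        signer = keyring.get(sid)
        if signer is None:               # certifier is not even in my keyring
            continue
        if key_validity(signer, keyring, ownertrust, my_keyid, seen) != "valid":
            continue
        trust = ownertrust.get(sid, NONE)   # how far I trust *them* to certify
        if trust == FULL:
            full += 1
        elif trust == MARGINAL:
            marginal += 1
    if full or marginal >= MARGINALS_NEEDED:
        return "valid"
    return "marginal" if marginal else "unknown"

def demo():
    """Constructed keyring: ME certified four people met in person."""
    ks = {k.keyid: k for k in [
        Key("ME"),
        Key("alice", {"ME"}), Key("bob", {"ME"}),
        Key("carol", {"ME"}), Key("dave", {"ME"}),
        Key("pseudo1", {"alice"}),                # introduced by a fully trusted key
        Key("pseudo2", {"bob", "carol"}),         # only two marginal introducers
        Key("pseudo3", {"bob", "carol", "dave"}), # three marginals reach the bar
        Key("spoof", {"pseudo1", "stranger"}),    # valid certifier, but no owner trust
    ]}
    # My own key is treated as fully (ultimately) trusted.
    trust = {"ME": FULL, "alice": FULL, "bob": MARGINAL, "carol": MARGINAL, "dave": MARGINAL}
    return {k: key_validity(ks[k], ks, trust, "ME") for k in ks}
```

Running `demo()` shows "pseudo1" and "pseudo3" as valid, "pseudo2" as only marginal, and "spoof" as unknown even though one of its certifiers is a valid key.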