Forlasanto:
> Pseudonyms are fine by me. I don't have a problem signing a pseudonym
> key. The pseudonym just has to have context that I can verify. For
> instance, if the claim is "Whonix signing key," then that tells me the
> way to verify the key is by checking the signature of various releases
> of Whonix. If there is a verifiable history of Whonix releases that are
> signed by the same key, then I can say "Yes, this key is owned by the
> entity that is signing Whonix releases." I'd have to verify this over an
> extended period of time, so that if the official website were hacked,
> the maintainer had time to respond and raise a question about the
> legitimacy of the signing key. But beyond that, I'm getting what I need
> to verify a pseudonym. He's not claiming that he's independent from all
> government agencies; he's claiming that he is the signer of the distro
> releases, period. I can live with that, assuming I took those simple few
> verification steps.
>
> I do the same with the key associated with this email address (and
> reddit user id). It is what it is: you can know without any real doubt
> that that key is truly associated with those accounts by doing a little
> research, and since I've made no further claims about the pseudonym,
> that's truly good enough.
>
> Claiming that a key is associated with an actual identity is a different
> story. In that case, I would be stating that the name on my key is my
> legal identity, which is quite a different claim with vastly different
> implications. Therefore, I expect such a key to be verified by, at the
> very least, picture identification. I have a friend who requires a
> notarized document stating that the key in question belongs to the
> person holding that identification. Not a bad plan, really; it uses a
> Notary Public to act as a sort of CA, and allows for signing keys that
> you may not have personally verified. You just need to verify the
> signature of the Notary Public.

Agreed.

> Having said that, I don't believe a pseudonym can be truly anonymous.
> Humans leak information. It's in our nature. It takes insane measures
> that go directly against human nature simply to /minimize/ information
> leakage during communication, and it is impossible to prevent that
> information leakage /entirely./ A pseudonym is like a lock on a door.
> It only accomplishes keeping out people who don't know enough or care
> enough to pick the lock. They can be useful, but I can't recommend one
> for the purpose of anonymity. It goes back to that whole "security
> through obscurity" concept. It just doesn't work.

> All it takes is one
> person to "blow your cover."

There is no person who knows who is behind this identity/activity.

> The only real exceptions I can think of to
> that are impersonating someone else, and throwaway identities that you
> only use once.

> Ironically, forlasanto literally means, "one that is thrown away." It
> was originally intended to be a one-off, throwaway identity. But that
> just goes to prove my point: the fact that I chose an Esperanto
> pseudonym leaks a lot of information about me, and narrows the possible
> real identities for me down from 7 billion to about 5-7 million. That's
> a huge leak! The fact that my posts are in American English narrows it
> down even further--to maybe a few ten thousands. That's before a single
> post was read for its content. See what I mean? We leak information
> like sieves.

> Another huge leak for keys is signatures. Who signed your key, and when?

Until now, no one, never.

> This alone can leak your true identity, and it's something you don't
> have effective control over.

> Forgive me for saying so, but for something as high-profile as a linux
> distro, using a pseudonym for signing the distro for the sake of
> anonymity doesn't sound like a great plan.

What's the alternative? Using my real identity? Does it make it any safer?

I am more interested in development and documentation rather than building binaries, testing and uploading. Having deterministic builds and/or some creditable individual or organization (such as the EFF) creating binaries, signing and distributing would be more than welcome, but at the moment there is no implication that someone will step forward.

> If^H^H^Hwhen someone cracks
> your identity, it will somewhat discredit you and your distro as far as
> being capable of maintaining anyone's anonymity.

It only proves I made a mistake and hopefully others can learn from it.

> Sorry for the text wall.

Thanks for the text.

> On 3/28/2013 5:56 AM, Peter Lebbing wrote:
>> On 27/03/13 22:15, Leo Gaspard wrote:
>>> until a lot of people verify and sign your public key.
>> People might be more inclined to sign the key when it says something like
>>
>> adrelanos (Whonix signing key) <adrelanos at riseup dot net>
>>
>> rather than without the comment.
>>
>> That way, their signature might mean: Yes, this is that key that signs that
>> Linux distribution called Whonix. The UID conveys a bit more information about
>> which adrelanos specifically we're talking here.
>>
>> That said, the whole problem with establishing a pseudonym and even getting
>> signatures on such a key is difficult. With proper, real names, and most
>> importantly people you can meet face to face, it's reasonably established how it
>> works. But with a pseudonym, it's completely different.
>>
>> So I'm just wildly spouting random suggestions actually. It's not really well
>> thought through, but I wanted to point out this possibility.
>>
>> HTH,
>>
>> Peter.
>>

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
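The "verifiable history" test Forlasanto describes for a pseudonymous signing key (the same key has signed a run of releases over time) can be checked mechanically against detached signatures. The script below is an added example for this thread, not code from the list or from the Whonix project. It reads the primary-key fingerprint out of gpg's VALIDSIG status line for every release in a directory and only accepts the history if all releases verify against one key and there are enough of them; the `demo` function builds a throwaway GNUPGHOME with constructed keys, UIDs, addresses and release files (none of them real) and shows both the accepted case and the case where a later release was signed by a different key.

```sh
#!/bin/sh
# Added example, not code from this thread or from the Whonix project.
# Implements the "verifiable history" test from the quoted message: a
# pseudonymous signing key earns trust if one and the same key has signed
# a run of releases. Every key name, address and release file below is
# constructed for the demo.

# signer_fingerprint FILE SIGFILE
# Prints the primary-key fingerprint of the key that produced SIGFILE over
# FILE, taken from gpg's machine-readable VALIDSIG status line (its last
# field is the primary key fingerprint). Prints nothing when the signature
# does not verify, so callers treat empty output as failure.
signer_fingerprint() {
    gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null \
        | awk '$2 == "VALIDSIG" { print $NF }'
}

# check_signing_history DIR [MIN]
# Every DIR/*.tar must carry a valid DIR/*.tar.sig, all made by the same
# key, and there must be at least MIN (default 3) such releases.
# Prints that fingerprint and returns 0 when the history is consistent;
# returns 1 with a reason on stderr otherwise.
check_signing_history() {
    dir=$1
    min=${2:-3}
    fprs=""
    n=0
    for f in "$dir"/*.tar; do
        [ -f "$f" ] || continue
        fpr=$(signer_fingerprint "$f" "$f.sig")
        if [ -z "$fpr" ]; then
            echo "no valid signature on $(basename "$f")" >&2
            return 1
        fi
        n=$((n + 1))
        fprs="$fprs $fpr"
    done
    if [ "$n" -lt "$min" ]; then
        echo "only $n signed releases, need at least $min" >&2
        return 1
    fi
    distinct=$(printf '%s\n' $fprs | sort -u | wc -l | tr -d ' ')
    if [ "$distinct" -ne 1 ]; then
        echo "releases were signed by $distinct different keys" >&2
        return 1
    fi
    printf '%s\n' $fprs | sort -u
}

# demo: in a throwaway GNUPGHOME, sign four releases with one constructed
# key (history consistent), then add a fifth release signed by a second
# constructed key (history broken) and confirm the check catches it.
# Returns 0 when both outcomes are as expected, 1 on a mismatch, 2 if gpg
# is not installed.
demo() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 2; }
    work=$(mktemp -d) || return 1
    GNUPGHOME="$work/gnupghome"; export GNUPGHOME
    mkdir -m 700 "$GNUPGHOME"
    rel="$work/releases"; mkdir "$rel"

    # gen_key UID EMAIL -> prints the new key's primary fingerprint
    gen_key() {
        gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
            --quick-generate-key "$1" default default never 2>/dev/null
        gpg --batch --with-colons --list-keys "<$2>" \
            | awk -F: '$1 == "fpr" { print $10; exit }'
    }
    # sign_release FPR NAME -> writes NAME.tar and a detached NAME.tar.sig
    sign_release() {
        echo "constructed release $2" > "$rel/$2.tar"
        gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
            --local-user "$1" --detach-sign \
            --output "$rel/$2.tar.sig" "$rel/$2.tar" 2>/dev/null
    }

    maint=$(gen_key "maintainer (constructed test key) <maint@example.invalid>" maint@example.invalid)
    for v in 1 2 3 4; do sign_release "$maint" "dist-$v"; done
    if ! check_signing_history "$rel" 3 >/dev/null; then
        echo "FAIL: consistent history was rejected" >&2; return 1
    fi

    rogue=$(gen_key "impostor (constructed test key) <rogue@example.invalid>" rogue@example.invalid)
    sign_release "$rogue" "dist-5"
    if check_signing_history "$rel" 3 >/dev/null 2>&1; then
        echo "FAIL: change of signing key was not detected" >&2; return 1
    fi

    gpgconf --kill gpg-agent 2>/dev/null
    rm -rf "$work"
    echo "ok: consistent history accepted, key change rejected"
}

demo
```

Against a real release archive you would call `check_signing_history /path/to/releases 5` with a GNUPGHOME that already holds the candidate key; the point of the minimum-count argument is the "extended period of time" from the quoted message, so that one compromised download site cannot manufacture a convincing history in a single day.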