On 2/26/10 3:14 PM, MFPA wrote: > But if it bears only a slight resemblance to a duck, it is probably > *not* a duck.
You are asserting that (a) the person who created the public key owns the information, (b) the person owns the information has the right to control how it is disseminated, and (c) that if someone shares the information in violation of the owner's wishes they are doing something morally and/or legally wrong. You have to assert (a). Ownership is the legal and/or moral right to control how a resource is utilized. I own my car because I have the legal and moral right to control who drives it. You are claiming the originator of the key material has the legal and moral right to control how it is disseminated: therefore, you are making a claim the originator of the key *owns* the information contained in that key. You have to assert (b). It follows logically from (a). (a) implies (b). And you are asserting (c). You're dressing it up in polite rhetoric about the right to privacy, but at the end of the day you're asserting that people are doing something wrong if they violate the information owner's wishes. In other words, you're in the same boat as the MPAA. Looks like a duck, swims like a duck, quacks like a duck: it's a duck. > The reasonable expectation that somebody will extend the common > courtesy of checking with the owner before publishing their key > falls somewhat short of the owner having total control over their > key. You are presupposing the expectation is reasonable. I am not willing to grant that as a given. > I think personally-identifiable information, including an > individual's openPGP key, should not be made public without the > consent of the individual ... I think it is a reasonable expectation > that the key owner would have uploaded their key to the keyservers > themselves if they wanted it to be there. Again, you are begging the question. We're trying to figure out whether it is reasonable to expect people to keep public keys secret without the owner's permission. What you're saying here is, "it's reasonable because I think it is reasonable." You're assuming the truth of the proposition in question, and using it to try and establish the truth of the proposition in question. > If the key is not already on the servers, that is a pretty strong > indicator that the key owner wants it that way. It's an indicator the key owner has not uploaded it to that network. For instance, what if the key has been uploaded to PGP's keyserver (which, last I checked, did not sync with the network, but is publicly accessible), but not the global network? Is that evidence the key owner wants it publicized, but just not publicized on the global network? Etc., etc. There are a *ton* of edge cases here. The absence of a key on the keyserver network is, itself, only evidence that it's not there. It doesn't show motive, any more than my having a shotgun in my closet shows my motive to commit murder. > I don't understand your comment. It's not unlawful for the > individual to share their own information. It would be unlawful for > the recipient of that information to share it with others without > consent from the individual I am unaware of your qualifications to talk about universally-applicable law. I cannot accept your expert opinion on this subject without it first being established that you are an expert. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users