Doh! Originally sent off list... Maybe Robert got a psychic vibe...

On 2/27/2010 2:21 PM, MFPA wrote:
>
> I don't want such a vote. Whether somebody chooses to include an email
> address in their UID is up to the individual. I have not seen anything
> that convinces me it is better for me to include one.
>
It sounds like you're using the software to do the opposite thing that many people do. I think digital signatures are utilized much more than encrypted communication. And digital signatures are about authenticating to a real person, and not anonymity. If you don't want to publish your email for the anonymity/privacy reasons you've outlined, then you probably don't want to use your legal name either. And it looks like you don't. Which is fine for encrypting documents. But it renders two key features of digital signatures meaningless. Authentication and non-repudiation go out the window. How do I authenticate that an anonymous entity is really an anonymous entity? That doesn't make any sense. How do I get into a dispute with an anonymous entity about whether he really agreed to do X? And although it does prove message integrity, that, in and of itself, doesn't mean much for an anonymous entity.

So a few examples to elaborate. I'm going to use MFPA as the anonymous user who doesn't have a real ID, for clarity's sake. It's better than "anonymous entity". Just to be clear, I'm not really talking about you or making any personal attacks in the examples. You're just the generic guy with the non-identifiable key.

Farfetched example. An email from MFPA pops up on the list. "My house burnt down. Lost my key. Lost my rev certificate. Here's my new info." Five minutes later, another email from MFPA. "That dude generated a fake key. Keep using the old one. The new one is bad!" A third email from MFPA. "That last dude is lying. Turns out he stole my laptop before burning my house down." Who do we trust? Which key do we use? We have no way of knowing who the real MFPA is, because he was anonymous to begin with.

How could I sign your key? It sounds like you don't want anyone to sign it anyway; plenty of other people want to sign keys and build the web of trust. I can't verify your key in any way. You're anonymous. There's no way to prove you're MFPA. So I can't sign your key.
Let's assume among your circle of friends, who know each other personally in real life, you sign off on each other's keys. And I somehow know one of your friends, and we sign each other's keys. To me, it's a meaningless assertion for someone to claim that they've verified that you're the real MFPA. That doesn't mean anything to me because you're anonymous to me. It also doesn't mean anything if you've signed off on someone's key. What does it mean to me that MFPA vouched for someone else's identity? Another meaningless assertion.

I'm not really using OpenPGP encryption at all. I may never need to send an encrypted email. None of my real-life friends, family, co-workers use it. Not Cuban, Iranian, or in the Falun Gong. I use it for two things, (1) to post on computer geek mailing lists, and (2) to verify software packages. For (1), I guess I'm not too concerned about digital signatures. The PGP Global Directory is good enough authentication for me. For (2), I actually am. It'd be nice to have the software packages signed by a validated key. If people don't use personally identifying information, the web of trust breaks. The only way for me to actually validate a key is to meet with the software packager personally. And I think many people fall into that camp. Authentication is more important to them than anonymity and encryption.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users