Mapping a "Real Name" to an email address is a conceptually different
thing from mapping an email address to a public key.

Except that should we be mapping keys to email addresses in the first place?

When we sign a certificate we make an assertion that this cryptographic material is controlled by this entity. I control the cryptographic material associated with certificate 0x1DCBDC01B44427C7. r...@sixdemonbag.org controls nothing -- it's just one of several places I pick up mail.

I have long considered mapping keys to email addresses to be a fundamental flaw. It obscures exactly what it is we're trying to assert: that cryptographic material is controlled by *people*.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to