Re: PGP and verifying ids / emails (fwd)
1. The developer in question _does_ know my real name.
2. If you are talking about someone who hasnt met me in real
life, even assuming that I use my "Bob Smith" id, how in heavens name will
they know that it is my real name? They have to trust the fact that there
was a trusted someone who verified that a "real" me owns the id in
question. This would be true even for the Jor-el id.
3. As I pointed out in my email, if the developer in question
wasnt sure that the email id of Jor-el belonged to me, then he wouldnt be
able to sign the following id too : "Bob Smith" <firstname.lastname@example.org>. This is
so ridiculous, becuase it is perfectly valid for a person named Bob Smith
to own an id called email@example.com .
Am I missing something?
PS. Not Star Wars but Superman. Jor-el was the father of Kal-el (aka
Our little systems have their day;
They have their day and cease to be;
They are but broken lights of thee.
On Tue, 27 Jul 1999, Josip Rodin wrote:
> On Tue, Jul 27, 1999 at 01:00:04PM -0500, Jor-el wrote:
> > 1. Should he have signed my PGP key if the id I sent him was "Bob Smith"
> > <firstname.lastname@example.org> . The "Bob Smith" tag is totally arbitrary and has less
> > permanance than the actual email id attached to it. If he could sign it
> > with the "Bob Smith" tag attached to it, why wouldnt he be able to sign a
> > key for the same email id with the "Jor-el" tag attached to it?
> You want someone to correspond with you regarding some serious things
> without you letting him know your real name?
> BTW, isn't "Jor-el" a Star Wars character?
> enJoy -*/\*- don't even try to pronounce my first name