[Freedombox-discuss] Would you sign a key with a pseudonymous keyholder name?
My policy is, when I'm certain that the person holding the key is the
person I expect to be holding the key, I don't have a problem
signing. Possibly they have identification proving that to me. Or possibly
I've communicated and interacted with them enough to remove all doubt. It
is the latter case where I will sign pseudonymous keys.
Trust is a vital component to a public key signature chain; without it,
there is simply no way to guard against spoofing attacks. Anonymity is not
a vital component to public key encryption. In fact, I'm convinced that
it's impossible to have anonymity using public keys without a "leap of
faith."
The whole point of key-signing is that you're verifying that you do know
the providence of the data signed or encrypted by that key. Anonymity is
the opposite of that. If you want anonymity, then you don't want public key
encryption. They are not compatible. However, you can provide anonymity
using a public key if everyone agrees to be an anonymous data relay. This
is basically stacking another technology on top of public key
encryption. Essentially that's the overall idea of Retroshare's file
sharing. You don't have to trust every person in the transfer chain. But
you do have to trust each and every person you directly connect to.
Otherwise, you gain no security from the system.
So I might sign a pseudonymous key, but I'd have to know personally the
owner, AND the owner's connection to the pseudonym.
That's my two cents.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120721/7b840321/attachment.html>
Reply to: