Re: PGP and verifying ids / emails
-----BEGIN PGP SIGNED MESSAGE-----
Send your questions to ``ASK ZIPPY'', Box 40474, San Francisco, CA
94140, USA
On Wed, 28 Jul 1999, Adam Rogoyski wrote:
> On Tue, 27 Jul 1999, Jor-el wrote:
>
> > Hi,
> >
> > I recently had a developer sign my PGP key, but I havent yet
> > resolved in my own mind some of the points he brought up.
> >
> > I use two email ids : this one (Jor-el <jorel@ibm.net>) and
> > another one which uses my real name, and which for the purposes of this
> > discussion, I will say is : "Bob Smith" <bob_smith@ibm.net>.
> >
> > I met the developer in person, and we exchanged PGP fingerprints.
> > I provided him my PGP fingerprints for both my ids. I later sent him my
> > public keys for signing (via an email using the Jor-el id), and he signed
> > the Bob Smith id. He said that he couldnt sign the second (Jor-el) id
> > since he hadnt seen any proof that I was in fact Jor-el.
> >
> > 1. Should he have signed my PGP key if the id I sent him was "Bob Smith"
> > <jorel@ibm.net> . The "Bob Smith" tag is totally arbitrary and has less
> > permanance than the actual email id attached to it. If he could sign it
> > with the "Bob Smith" tag attached to it, why wouldnt he be able to sign a
> > key for the same email id with the "Jor-el" tag attached to it?
>
> You are missing the point here. I met you, learned by Government
> issued ID that you are, infact, Kenneth Stephen, which is the name that
> appears on the pgp key who's fingerprint you gave me at our meeting. Upon
> retrieving your actual public key and verifying the fingerprint, I know
> that this is, infact, your public key, and I am happy to sign it. The act
> of me signing that key says "I affirm that this key belongs to Kenneth
> Stephen by my own firsthand knowledge."
>
Maybe I am being unusually dense here, but what proof did you see
that the ksteph1@ibm.net id actually belonged to me? For all you know, it
could be the id used by Bill Gates himself, with my name tagged onto it.
Unless you look up my ISP records, there is no way you can say that the id
does or does not belong to me. This is the same for the Jor-el id too.
Under the circumstances, you should have been able to sign the second one
too. If I had presented a PGP key with the id of "Kenneth Stephen
<billg@microsoft.com>" (assuming that this is an email id of Bill Gates),
would you have signed my key? According to your argument, there would have
been no reason for you not to. Indeed your whole argument rests on
trusting me to tell the truth that the email id in question is indeed
mine.
>
> > 2. Lets assume that the answer to question (1) is that under no
> > circumstances should he sign the Jor-el id. Would the Jor-el id be
> > considered trustworthy enough for Debian, if I signed it with my "Bob
> > Smith" PGP key (and given the fact that I had a trusted developer sign the
> > Bob Smith key)? I would be inclined to say 'yes' since, Jor-el could in
> > fact be a totally separate individual, whose key could have been signed by
> > me ("Bob Smith") - after which Jor-el would then be PGP trusted.
>
> Trust is not transferable. Me signing your key tells the world I know
> this key belongs to it's owner. It doesn't say anything about the owner
> or what I trust the owner to do. I only signed your key.
> Please, read the pgp documentation again, /usr/doc/pgp/pgppdoc[12].doc.
> These are Basic questions that you should know.
>
>
> > 3. The developer also mentioned that all Debian developer records are
> > correlated against the real name. I would have no problems providing both
> > my ids to the new-maintainer group and verifying my Bob Smith id to them.
> > But would I be permitted to do uploads or whatever that requires a PGP
> > signature by a signed (by Bob Smith) key of Jor-el. For the curious, its
> > just that I organized all my Debian activities on my machine around this
> > id, while using my other id for non-Debian activities. It would be a great
> > pain to change this.
>
> The name Kenneth Stephen is the only name you proved to me that is
> yours. Would you interview for a job with a different name? Pay your
> taxes with a different name?
If, I become a Debian maintainer, I will indeed provide them with
my real name. But to continue with your analogy, once I am hired by the
company, I can have the sysadmin setup my ids to whatever I want to within
reasonable limits. By the same token, Debian would know what my real name
is, and anyone who wanted to check could do so. What is so sacred about me
using another id which Debian would be able to correlate to me with the
SAME AMOUNT OF ACCURACY AND TRUST that they would have for the other id?
Your argument about them not being able to trust the Jor-el id is based on
the fact that you didnt sign it. My argument is that there is no reason
for you not to sign it, and thus it should also be valid for Debian use.
> What pain is involved in telling pgp what key to use?
>
None. The pain is in reorganizing the files on my machine and my
own procedures.
Jor-el
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBN5+Pnm68Xw0+QedBAQE5ygQAl+Bw/uYgYvgbZGjFWVHLetBWwfOsZzs/
u7xP76l+sYX2QhqSf3hKXdyTM+e6PO35kfertyzQs6ECxXU9EhLO7lxaH3EMeIJi
O1bmCrNLQy5kB+dkVTH/O7Qg9xdnQYBpKSP75HG6CEC54TTL7miGLhK2HZ2Y0Ue+
bDGdqYGHv2c=
=4k0k
-----END PGP SIGNATURE-----
Reply to: