[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPG Key Signing <Pine.LNX.4.30.0106291016180.5417-100000@tennyson.netexpress.net>

On Fri, Jun 29, 2001 at 11:13:34PM -0500, Manoj Srivastava wrote:
> 	When you see my signature on the key, it means that
>   i) The owner had two forms of photo ID, or a passport and other
>      possibly non-photo means of identification (of course, the
>      identification documents may be forged)
>  ii) They (or a close conspirator) actually control every ID that I
>      have signed. 
> iii) They (or a close conspirator) has control of the secret key
>      corresponding to the signed ID's
> 	It is my belief that these assertions provide value.  The
>  protocol ensure that I can assert so.

I noticed in your protocol that you say the name on the IDs must match the
name on the key. When I had my key signed, I showed ID that had the name
"James Kaplowitz", which is my legal name. On my key, I had the name I go by
in everyday life, which is "Jimmy Kaplowitz". This wasn't a problem for the
Debian developer who signed my key. Would you have a problem with common
nicknames such as Jimmy, or would you need to see documentation that Jimmy
and James were the same person? If you would need the documentation, what sort
of thing would you want to see?

- Jimmy Kaplowitz

Attachment: pgpDmfjWQxfBU.pgp
Description: PGP signature

Reply to: