
Re: Photo ID is not needed for key signings....




On Fri, 13 Jun 1997, Bill Frantz wrote:

> >pub 2048/FFFFFFFF 01/01/90 John Doe [email protected]
> >sig                        John Doe   (0xFFFFFFFF)
> >sig                        Mary Jane  (0xAAAAAAAA)
> >sig                        Tom Thumb  (0x11111111)
> >sig                        Tiny Tim   (0xCCCCCCCC)
> >aka                        John Doe [email protected]
> >sig                        John Doe   (0xFFFFFFFF)
> >
> >Since John Doe is the only one who could sign the key with the new aka one
> >can assume that the aka is as valid as the original userid.
> 
> So if John Doe wants to be known as "[email protected]" or "Tim May
> <[email protected]>" all he has to do is change the field, and upload the
> changed key to the key servers, and all the signatures should remain good?

Well, no, not really.  See, the way PGP handles keys (at least the RSA
keys) makes it very difficult to remove an id once it's hit a keyserver.

Oh yeah, a signature also encompasses the key-id that you sign when you
sign the key.  So the signatures would fail if the key-id they referred to
was drastically changed...

-----------------------------------------------------------------------
Ryan Anderson - <Pug Majere>     "Who knows, even the horse might sing" 
Wayne State University - CULMA   "May you live in interesting times.."
[email protected]                        Ohio = VYI of the USA 
PGP Fingerprint - 7E 8E C6 54 96 AC D9 57  E4 F8 AE 9C 10 7E 78 C9
-----------------------------------------------------------------------
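
Added illustration, not part of the original message: a toy Python model of the point above, that a key signature is computed over the key together with the ID it was made on, so it does not carry over to a changed ID. The keys, names and addresses are constructed, and unpadded RSA with SHA-256 is an assumed stand-in for PGP's real packet format and algorithms.

```python
import hashlib

E = 65537
# Toy RSA keys built from known Mersenne primes (constructed, demo only).
JOHN = (2**127 - 1, 2**521 - 1)
MARY = (2**107 - 1, 2**607 - 1)

def keypair(p, q):
    """Return (n, d) for textbook RSA with public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def cert_digest(subject_n, user_id):
    """Hash of what a certification covers: the subject key, then the ID."""
    key_bytes = subject_n.to_bytes((subject_n.bit_length() + 7) // 8, "big")
    h = hashlib.sha256(len(key_bytes).to_bytes(2, "big") + key_bytes)
    h.update(user_id.encode())
    return int.from_bytes(h.digest(), "big")

def certify(signer_n, signer_d, subject_n, user_id):
    """Sign the (key, ID) digest with the signer's private exponent."""
    return pow(cert_digest(subject_n, user_id), signer_d, signer_n)

def verify(sig, signer_n, subject_n, user_id):
    """Check a signature against the (key, ID) pair as currently presented."""
    return pow(sig, E, signer_n) == cert_digest(subject_n, user_id)

def demo():
    john_n, john_d = keypair(*JOHN)
    mary_n, mary_d = keypair(*MARY)
    old_id = "John Doe <john@example.org>"       # constructed
    new_id = "Someone Else <other@example.org>"  # constructed
    mary_sig = certify(mary_n, mary_d, john_n, old_id)  # third-party sig
    self_sig = certify(john_n, john_d, john_n, new_id)  # owner signs new ID
    return {
        "mary_on_old_id": verify(mary_sig, mary_n, john_n, old_id),
        "mary_on_new_id": verify(mary_sig, mary_n, john_n, new_id),
        "self_on_new_id": verify(self_sig, john_n, john_n, new_id),
    }

if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'good' if ok else 'BAD'}")
```

Only the owner's self-signature checks out on the new ID; the third-party signature stays bound to the ID it was made on.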