Re: Photo ID is not needed for key signings....

[Alan <alano@teleport.com>]

On Thu, 12 Jun 1997, Tim May wrote:

> I can't understand (hint: someone please explain) why I get so many
> requests to send the "tcmay@got.net" key, as opposed to the
> "tcmay@netcom.com" key so widely available. I thought the key signings were
> about the Person Widely Known as "Tim May" being associated with the key
> signed, not some temporary e-mail address.

Have you set up another userid on the key and resubmit it to the key
servers and avoid the confusion.

> My binding was between the key, and "me." Those who wanted to send messages
> to "me" could assume that only "I" could read it. The address
> "tcmay@netcom.com" vs. "tcmay@got.net" is not central. Any concern that
> "tcmay@got.net" is somehow not the keyholder of that '92 key is a nonissue.

Most people out there only know you via your e-mail address.  How do they
know if "tcmay@netcom.com" is the same as "tcmay@got.net" and not
"mallet@nsa.gov"?  When looking for someone's key, most people look by
e-mail address.  (It is the only "unique" id other than key id or
fingerprint that people have to go on.)

> If the keyserver databases focus on such ephemera as the current ISP
> account, then they are focussing on the wrong things.

What do you want keyservers to go on?  You have to have some way of
obtaing the keys for an individual.  It could be some other Tim May out
there.  (Name collision is pretty common, especially since everyone and
his extended family are getting on the net.)

> Am I missing something central?
> 
> --Tim May, whose e-mail deliverer has changed a few times, but whose key
> remains constant. Which is more important?

Uh... Making the key reflect you address so people can find it...  Or as
was said in Dr. Strangelove "It is not a deterent if you keep it a
secret!".

alano@teleport.com | "Those who are without history are doomed to retype it."