Re: Photo ID is not needed for key signings....

[Ryan Anderson <randerso@ece.eng.wayne.edu>]

On Fri, 13 Jun 1997, Bill Frantz wrote:

> >pub 2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
> >sig                        John Doe   (0xFFFFFFFF)
> >sig                        Mary Jane  (0xAAAAAAAA)
> >sig                        Tom Thumb  (0x11111111)
> >sig                        Tiny Tim   (0xCCCCCCCC)
> >aka                        John Doe john.doe@who-is-it.com
> >sig                        John Doe   (0xFFFFFFFF)
> >
> >Since John Doe is the only one who could sign the key with the new aka one
> >can assume that the aka is as valid as the original userid.
> 
> So if John Doe wants to be known as "president@whitehouse.gov" or "Tim May
> <tcmay@got.net>" all he has to do is change the field, and upload the
> changed key to the key servers, and all the signatures should remain good?

Well, no, not really.  See, the way PGP handles keys (at least the RSA
keys) makes it very difficult to remove an id once it's hit a keyserver.

Oh yeah, a signature also encompasses the key-id that you sign when you
sign the key.  So the signatures would fail if the key-id they referred to
was drastically changed...

-----------------------------------------------------------------------
Ryan Anderson - <Pug Majere>     "Who knows, even the horse might sing" 
Wayne State University - CULMA   "May you live in interesting times.."
randerso@ece.eng.wayne.edu                        Ohio = VYI of the USA 
PGP Fingerprint - 7E 8E C6 54 96 AC D9 57  E4 F8 AE 9C 10 7E 78 C9
-----------------------------------------------------------------------