[Freedombox-discuss] Would you sign a key with a pseudonymous keyholder name?
Nick M. Daly
nick.m.daly at gmail.com
Wed Jul 25 01:35:32 UTC 2012
On Sat, 21 Jul 2012 10:12:37 -0700 (PDT), Jonathan Wilkes wrote:
> > The whole point of key-signing is that you're verifying that you do
> > know the providence of the data signed or encrypted by that
> > key. Anonymity is the opposite of that. If you want anonymity, then
> > you don't want public key encryption. They are not compatible.
>
> Did you mean to say, "if you want anonymity, then you don't want key
> signing"?
Probably. Given how researchers could uniquely re-identify a third of
nameless Twitter and Flickr users based on the social graph alone [0],
you might either want to avoid key signing or avoid any overlapping
(reference) social interaction.
Also, how'd we get back to "web-of-trust" vs. "web-of-verified-identity"
again? Given all the different social understandings of the issues in
different contexts, the relevant interpretation seems User * Context
based (e.g., 5 users * 6 contexts = 30 interpretations). As Jonas
mentioned, social standards can offer direction but the choice and
interpretation still seems based, ultimately, on the user and signing
statement.
/me lights up the dkg signal
0: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1450006
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120724/0a4cbdd6/attachment.pgp>
More information about the Freedombox-discuss
mailing list