You seem to suggest that an email address is as best an ID as there could be. My question: why is there a need for any other ID that's different from the public key? I.e.: the "sufficient certification" should actually be "We, the signers of this public key, certifies this public key belongs to a person we trust"? (and, of course, refuse to sign a key for any person they don't actually trust, no matter the govt issued ID-es or anything else). Why would one need to ask something in addition (impose extra requirements that don't add much to the "trust relationship"?) Maybe I'm wrong, but starting from a certified public key (and the dual ownership of the private one), the owner can use it to "self-sign" any other pairs for the email addresses of the various personas (or servers that she sets up, or public keys owned by other person that she trusts). Is it not so? Adrian On Tue, Aug 13, 2013 at 3:56 PM, Brian May <brian@microcomaustralia.com.au>wrote:
On 13 August 2013 15:38, Adrian Colomitchi <acolomitchi@gmail.com> wrote:
Now, my question: what an email address has to do with the identity of the owner? By the same measure, what the "full person name" or any other "govt/authority emitted ID" have to do with the identity of the owner?
I have the same problem. I don't think the govt/authority emitted ID means anything really. Different people can share the same name, so it doesn't uniquely identify the person. Furthermore I think I can change my legal name and have it be the same as some other person.
The good thing about email addresses is generally they are not shared and they are not reused. So it becomes a good way of identifying people.
e.g. this is what git uses to identify authors.
Of course, this isn't perfect. "Not reused" is not guaranteed. I use to make work related git commits using my work email address, however if I left my current job they are free to reuse my email address (they say they won't and it is unlikely to be an actual issue). So all my git commits would now belong to somebody else. I can't change these either, without rewriting the entire git history for these projects. So now I use my personal email address which I know will last.
Both names and email addresses can change. Which is a problem, however this doesn't necessarily invalidate the old id. -- Brian May <brian@microcomaustralia.com.au> _______________________________________________ Free-software-melb mailing list Free-software-melb@lists.softwarefreedom.com.au
http://lists.softwarefreedom.com.au/cgi-bin/mailman/listinfo/free-software-m...
Free Software Melbourne home page: http://www.freesoftware.asn.au/melb/