Wei Dai wrote: | Perhaps it is better to think of names as subjective identifiers, and | public keys as global ids. That is, a person who has a collection of | public keys gives each of them a name, but different people can name their | keys differently. Of course the holder of the corresponding private key | can help in the naming process (e.g., "Please call me Wei"). If two | people need to talk about a third party, they can refer to him by an | arbitrary name after establishing a common binding between his key and | that name. Just a minor nit regarding a well thought out post, public keys are not 'global' ids, but 'system-wide' IDs. For keys to be really global, there needs to be a mechanism in place for insuring that key ids are very probably unique. One way to ensure that keys are globally unique would be to integrate a KCA identifier with the keyid, and KCAs base part of their reputation on not signing multiple keys with the same id. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume