All the perp has to do, once the secring.pgp is obtained is "pgp -kvv secring.pgp" and he now knows that Joe Cypherpunk and Secret Nym are the same person.
Another reason for keeping physical security over keys, nym keys, if it is important enough that the nym stays unidentifiable, should be kept on a different secring.pgp, which should be kept physically secure on a disk and encrypted using some other key than your own real-name secret key (this is just a measure to prevent breaking one key revealing the nym). Datacomms Technologies data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: FC76DA85 "Don`t forget to mount a scratch monkey"