Hal says:
"Perry E. Metzger" <perry@imsi.com> writes:
I'll also note, yet again, that unless PGP quits this bad practice of identifying counterparties only by a number, it is NOT going to be universally deployed. Counterparties need to be identified by a name that can be looked up in the DNS -- meaning "joe@foo.com" rather than some key ident number.
PGP of course looks up keys by strings in addition to numbers. A widely accepted practice is to use <joe@foo.com> in the user ID which allows the lookups to be by internet address.
The problem is that incoming messages are tagged with the number, not the string. You can't check the signature if you don't have the number in your own database. Global databases don't scale. Distributed databases like DNS do scale. DNS style naming doesn't hurt non-DNS users, so its a shame that it isn't there -- I, for one, can't specify PGP style keys in the internet key management system I'm working on because of this. Perry