-----BEGIN PGP SIGNED MESSAGE-----
Date: Thu, 30 Nov 1995 13:33 EDT From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Once an element of that set is identified, it can be assigned a codeword (to make parsing easier). ---------- How about an email address? Or a URL?
In this case, I was talking about an abbreviation for an attribute rather than for a person -- e.g., "checking-account: <number>,<bank>" standing, for example, for "The person (entity) capable of signing with the signed-key identified above is authorized to withdraw money from checking account number <number> at <bank>." However, in offline mail I just had this interchange:
Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST) From: Jon Lasser <jlasser@rwd.goucher.edu>
Maybe it is just out of habit. But there's another aspect, not looking at other people, but looking at oneself:
"This is _my_ key."
"But my name isn't on the key."
"The key says I belong to it."
"Hey! I'm not just a number!"
I think you're exactly right here. That's the problem.
Perhaps we need to include the person's name in the keyID.
So instead of:
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
we could use:
Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)
or Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison) to follow the SMTP example, or Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison <cme@tis.com>) to follow the PGP example. In this case, the text attached to the key is optional -- but there for the people who feel attached to their names. It's left off (or replaced with a handle) for folks who want anonymity. The fact remains that the key is the source of authority here. The name acquires validity from the key, not the other way around, and that might upset some people who bother to think about it. However, those who prefer to think the name is important can view the key hash as an added field making the name unique -- with the extra added bonus of being tied strongly to a public key. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme@tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBML4CoVQXJENzYr45AQFvJQQAszQbHHIXlOVFpdBv3K/J6f3FmCBoSvhX Fpy9T0OJAH2pndzH1cZLVTQzS+j/p4tY5P6YAlF+VS047T6jQqF31Kn1fIUlEjzw 0/t/W+7BQ+IktrrNtyJfEx5rFYKUg6rViTg3UF+knocBIMTRfm0EbuMkv7hCN5Ho iE0n9FZ+XIc= =e+iE -----END PGP SIGNATURE-----