J. Michael Diehl wrote: I'm having a philosophical problem regarding when to sign someone else's public key. It strikes me that while a public key may be properly associated with someone that you know by sight it may more generally be associated with an abstract reputation. Connecting a face to a public key may be less useful than connecting a public key with someone that I recognize by reputation. I don't know Stephen Wolff by sight but I do know him by reputation and have conversed with him by e-mail. If during these conversations we had exchanged public keys, even thru insecure channels, then that would be more reliable than exchanging keys with someone that I met in person who claimed to be Steve Wolff but with whom I did not have time to converse. Steve's reputation with me arose thru a book he wrote. If he had included his private key there it would be better yet. (Public keys had not been invented then.) Having been influenced by Steve's book I would be inclined to accept Steve's opinions in related areas, if they were signed by his private key. I need not know what Steve looks like! In CyberSpace it ultimately seems that the public key supplants ordinary names and all reputations are connected to public keys!