Re: Certificates, Attributes, Web of Trust
I have often said "You are your key." That is, keys have priority over names, even True Names. The biometric True Name identity of a person holding a key is only _another attribute_ of the key. Maybe important, maybe not. It depends on the nature of the transaction.

But I go further: a huge number of interesting applications of strong crypto have no connections at all with physical persons, let alone with True Names. Agents in computer transactions, applets fired across networks, agoric entities in computational ecologies, BlackNet sorts of markets, and on and on.

The notion that a cryptographic key needs to be tied to a physical person is deeply flawed.

The talk of certification authorities is OK, so long as the practice is _completely_ and "strongly" voluntary (*).

(* I think maybe we need a term like "strongly voluntary," to parallel "strong crypto." A key escrow system which can have arbitrary escrow holders--company lawyers, grandmothers, computers in other buildings, etc.--is "strongly voluntary." A government-sanctioned program which authorizes, approves, regulates, and controls escrow holders is *not*. GAK is not strongly voluntary, even though it will be sold as a "voluntary" system.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
Timothy C. May wrote:
I have often said "You are your key." That is, keys have priority over names, even True Names. The biometric True Name identity of a person holding a key is only _another attribute_ of the key. Maybe important, maybe not. It depends on the nature of the transaction.
But I go further: a huge number of interesting applications of strong crypto have no connections at all with physical persons, let alone with True Names. Agents in computer transactions, applets fired across networks, agoric entities in computational ecologies, BlackNet sorts of markets, and on and on.
The notion that a cryptographic key needs to be tied to a physical person is deeply flawed.
The talk of certification authorities is OK, so long as the practice is _completely_ and "strongly" voluntary (*).
How about if the system allows you to get a certificate that has any name in it that you want, where the issuer makes no claims about the identity of the owner of the certificate? How about if the software lets the user decide which CAs they will accept certificates from? Given these two features, would you still consider requiring a certificate to be bad?

--Jeff

--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.