an41418@fi.penet.anon (wonderer) writes:

It seems to me that we have an interesting dilemma here. If we are willing to sign a key based on an entity that we KNOW does not really exist, then what does a signature mean? You have been an active and productive participant on cypherpunks for quite some time now, so if that's what I'm saying by signing your key, then I would be willing to. Off line methods wouldn't work in this case because we aren't real.

Certification establishes a relationship between a public key and a True Name. When there is no True Name, or the True Name is not to be revealed, certification is irrelevant. For a nym to prevent anyone else for masquerading as itself, it should announce a public key in its first appearance on the net, and thereafter sign every message with its private key. This guarantees that all such messages emanate from those with access to the private key. Certification is irrelevant. What does become difficult for a nym is key revokation. If the nym's private key is compromised, anyone with access to it can send a message purporting to revoke the key and announcing a new one. Such a revokation cannot be certified unless its issuer not only reveals their True Name but somehow establishes to the satisfaction of whoever is certifying it that they are the True Name of the nym. Or as someone put it more succinctly, keys *are* the identities of the future net. -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk@sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K.