From: Martin Janzen <janzen@idacom.hp.com>
Date: Thu, 25 Jan 1996 06:19:11 +0800
To: cypherpunks@toad.com
Subject: Signing nyms' keys (Was: Report on Portland Cpunks...)
In-Reply-To: <2.2.32.19960124195005.006b9940@mail.teleport.com>
Message-ID: <9601242142.AA19654@sabel.idacom.hp.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Bruce Baugh writes:
> >If, on the other hand, I sign "Toxic Avenger"'s key, then what benefit is
> >this for third parties?  Since Toxic Avenger is, by intention, _not_ linked
> >to a real person, I'm not saying that I feel confident that this key really
> >belongs to any particular real person.  What am I saying?

> Over time, some nyms take on a distinct identity of their own. [...] The
> thought, therefore, as I imagine it would be "You don't know I am in person,
> but you can count on me to be who I am, with this style and set of views,
> and I say that this guy is another actual person with the same."

So are you saying that by signing a nym's key, you're asserting that you
know _the individual(s) behind the nym_?  If so, would this association
not weaken the anonymity of the nym whose key you've signed?

Furthermore, by signing a nym's key you place yourself at risk.  If you
sign the nym's key with your own key -- or sign using the key of your
own nym, and that nym is subsequently "outed" -- then anyone wishing to
find the individual(s) behind any nym whose key you've signed can
attempt to coerce you into revealing this information, since you have
claimed to know it.

- --
Martin Janzen           janzen@idacom.hp.com


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMQand23Fsi8cupgZAQGmqQQAk7bRYJNxhsw9xHDgoL7fEiZ7faLDeuR9
bYEYnj7tZRWMRaVudEn1G3tsaHF7MS/DuOPRWci6v3dQ742Y8amlqytGWcdpNLn+
qR5RtRvKyDaWR0pi3j+WQ6y8y0WyFrVk1z8/cFKVQWfZvgs1Zjs6R87DWreiN2hr
1Ywm0AA+BIg=
=4phF
-----END PGP SIGNATURE-----