1997-06-13 - Re: Photo ID is not needed for key signings….

Header Data

From: Tim May <tcmay@got.net>
To: Bill Frantz <jehill@w6bhz.calpoly.edu>
Message Hash: 9666101232ffa5919a3572ad9494f49048471ecd147d6d99f20dae0caf684322
Message ID: <v03102800afc652637f93@[207.167.93.63]>
Reply To: <199706120709.AAA05445@hyperion.boxes.org>
UTC Datetime: 1997-06-13 01:51:10 UTC
Raw Date: Fri, 13 Jun 1997 09:51:10 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Fri, 13 Jun 1997 09:51:10 +0800
To: Bill Frantz <jehill@w6bhz.calpoly.edu>
Subject: Re: Photo ID is not needed for key signings....
In-Reply-To: <199706120709.AAA05445@hyperion.boxes.org>
Message-ID: <v03102800afc652637f93@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



At 8:31 AM -0700 6/12/97, Bill Frantz wrote:
>IMHO - What you are really signing is the binding between the data
>associated with the key (usually an email address) and the key.  You are
>saying that the secret key holder is (one of the) person(s) who has access
>to that account, and not some man in the middle in the middle.  If you ask
>to see Lucky Green's, or Futplex's, or Black Unicorn's picture ID, you will
>either see a forgery or an ID issued by an organization not interested in
>birth certificates.

I am fairly often accused of being arrogant, of being a "know it all." I
have never claimed to be an expert on PGP, and I certainly am not. I use
the MacPGP version which became available in '92, and will eventually star
t working with PGP 5.x (which I have, and have installed, but not spent
much time with).

I generated a 1024-bit key in '92, right after PGP 2.0 appeared, and
participated in a key signing, etc., shortly thereafter. It happened that
my ISP at that time had just changed from Portal to Netcom. (Now it's
"got.net", a fairly typical local provider of non-shell ISP services.)

I can't understand (hint: someone please explain) why I get so many
requests to send the "tcmay@got.net" key, as opposed to the
"tcmay@netcom.com" key so widely available. I thought the key signings were
about the Person Widely Known as "Tim May" being associated with the key
signed, not some temporary e-mail address.

My binding was between the key, and "me." Those who wanted to send messages
to "me" could assume that only "I" could read it. The address
"tcmay@netcom.com" vs. "tcmay@got.net" is not central. Any concern that
"tcmay@got.net" is somehow not the keyholder of that '92 key is a nonissue.

If the keyserver databases focus on such ephemera as the current ISP
account, then they are focussing on the wrong things.

Am I missing something central?

--Tim May, whose e-mail deliverer has changed a few times, but whose key
remains constant. Which is more important?




There's something wrong when I'm a felon under an increasing number of laws.
Only one response to the key grabbers is warranted: "Death to Tyrants!"
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread