From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 1 Dec 93 13:28:19 PST
To: na5877@anon.penet.fi
Subject: signing nyms
Message-ID: <9312012056.AA01201@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Under the conditions Deadbeat described (long tradition of posting from
anon-server with pgp signatures/keys, keys on the key server, etc.,
I might be willing to sign such a key.  I wouldn't use my regular key
to do it - I'd create one or more nym-signing keys, so people could tell
that I know I'm signing a nym's key and it's less reliable than
signing a physically-known person's key.  To do it right, though,
I'd have to have been saving keys for a while from that nym, since
it's really hard to tell if a set of postings have really been from
the same source, or if it's just a recent impersonation.
I'd certainly need to send mail to the nym through the anon-server.

I'd be a lot more comfortable, though, with a signature from the
anon-server runners, since they at least know the real-side email address,
and since they could also do something like automatic collection of
signatures.  It's still tappable, though, unless the anon-server only
accepts encrypted mail on the non-anonymous side.

		Bill