1994-10-03 - Re: Nom de guerre public key

Header Data

From: franl@centerline.com (Fran Litterio)
To: cypherpunks@toad.com
Message Hash: 6d469ff1bc612f3851296fd52f7d2228f9e6df45232df97641dfe73d0ef045df
Message ID: <FRANL.94Oct2201427@draco.centerline.com>
Reply To: <199410022111.QAA03425@jpunix.com>
UTC Datetime: 1994-10-03 00:56:43 UTC
Raw Date: Sun, 2 Oct 94 17:56:43 PDT

Raw message

From: franl@centerline.com (Fran Litterio)
Date: Sun, 2 Oct 94 17:56:43 PDT
To: cypherpunks@toad.com
Subject: Re: Nom de guerre public key
In-Reply-To: <199410022111.QAA03425@jpunix.com>
Message-ID: <FRANL.94Oct2201427@draco.centerline.com>
MIME-Version: 1.0
Content-Type: text/plain

> I've created a pseudonym and a PGP key pair for that pseudonym.  Now,
> how do I secure signatures for my public key, given the fact that (a)
> to sign it, you should be sure that it really belongs to me, and (b) I
> have no intention of revealing who "me" actually is?

A signature on your PGP public key is a personal guarantee from the
person who signed it that she has first-hand knowledge that the key's
userid accurately names the person who physically possesses the key
(i.e., the signature validates the binding between userid and person).
But you do not have a binding between your userid and your person,
because your userid is a pseudonym, and a pseudonym is a name not
bound to a person.

Unless you reveal your pseudonym to someone and identify yourself
according to the rules of the PGP Web of Trust, you should not be able
to get signatures on your PGP public key.
Fran Litterio                   franl@centerline.com (617-498-3255)
CenterLine Software             http://draco.centerline.com:8080/~franl/
Cambridge, MA, USA 02138-1110   PGP public key id: 1270EA1D