From: “William H. Geiger III” <whgiii@amaranth.com>
To: Bill Frantz <frantz@netcom.com>
Message Hash: 5de8acc893fa1bc028d9c3a8dbcb065d55aac671ffa7185a4360b1387bd45bab
Message ID: <199706131613.LAA12353@mailhub.amaranth.com>
Reply To: <v03007874afc71e205651@[207.94.249.152]>
UTC Datetime: 1997-06-13 16:35:46 UTC
Raw Date: Sat, 14 Jun 1997 00:35:46 +0800
From: "William H. Geiger III" <whgiii@amaranth.com>
Date: Sat, 14 Jun 1997 00:35:46 +0800
To: Bill Frantz <frantz@netcom.com>
Subject: Re: Photo ID is not needed for key signings....
In-Reply-To: <v03007874afc71e205651@[207.94.249.152]>
Message-ID: <199706131613.LAA12353@mailhub.amaranth.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
In <v03007874afc71e205651@[207.94.249.152]>, on 06/13/97
at 11:00 AM, Bill Frantz <frantz@netcom.com> said:
>At 10:33 PM -0700 6/12/97, William H. Geiger III wrote:
>>In <v0300786dafc68637a08c@[207.94.249.152]>, on 06/12/97
>> at 10:14 PM, Bill Frantz <frantz@netcom.com> said:
>>>If you have a version of the key with no signatures, then you can change
>>>the data field and re-sign with the associated secret key. Since the
>>>data field has changed, you properly need to have others re-verify the
>>>validity of the binding.
>>
>>I don't think that any changes that he would make to his key would need
>>re-verification provided that he signed those changes. Take the following
>>scenario:
>>
>>John Doe creates a key and signs it:
>>
>>pub 2048/FFFFFFFF 01/01/90 John Doe
>>sig John Doe (0xFFFFFFFF)
>>
>>Now 3 other people verify that the key does belong to John Doe and sign
>>the key:
>>
>>pub 2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
>>sig John Doe (0xFFFFFFFF)
>>sig Mary Jane (0xAAAAAAAA)
>>sig Tom Thumb (0x11111111)
>>sig Tiny Tim (0xCCCCCCCC)
>>
>>Now John adds an aka to his key and signs it.
>>
>>pub 2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
>>sig John Doe (0xFFFFFFFF)
>>sig Mary Jane (0xAAAAAAAA)
>>sig Tom Thumb (0x11111111)
>>sig Tiny Tim (0xCCCCCCCC)
>>aka John Doe john.doe@who-is-it.com
>>sig John Doe (0xFFFFFFFF)
>>
>>Since John Doe is the only one who could sign the key with the new aka one
>>can assume that the aka is as valid as the original userid.
>So if John Doe wants to be known as "president@whitehouse.gov" or "Tim
>May <tcmay@got.net>" all he has to do is change the field, and upload the
>changed key to the key servers, and all the signatures should remain
>good?
Well remember that John Doe is only adding an AKA to his key not deleteing
the old userid and replacing it with a new one. This is very important.
pub 2048/FFFFFFFF 01/01/90 John Doe john.doe@anonymous.com
sig John Doe (0xFFFFFFFF)
sig Mary Jane (0xAAAAAAAA)
sig Tom Thumb (0x11111111)
sig Tiny Tim (0xCCCCCCCC)
aka John Doe president@whitehouse.gov
sig John Doe (0xFFFFFFFF)
If he were to remove the old userid and replace it with a new one you
would have:
pub 2048/FFFFFFFF 01/01/90 John Doe president@whithouse.gov
sig John Doe (0xFFFFFFFF)
without any autheticating signatures.
The first case all we have is a change of address while in the second we
have a change of identity.
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.amaranth.com/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
- ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBM6FypY9Co1n+aLhhAQEa6QP9EqFGKkAddZMmNFt6hcU8VbIrcqN5toia
vUXHsUjL+3BPhddyGc0qU2q8GqsBEvqklPYFGfT1nYAI8/v4J1Qd81gOLvxEvnrZ
FUeFersILXJBQ1VYHhvhUoTKT3CyDg1PbrwYPIlyksEYbFSv+anxIywQGF58XXRh
VtonV7HFyiU=
=wy43
-----END PGP SIGNATURE-----
Return to June 1997
Return to ““William H. Geiger III” <whgiii@amaranth.com>”