> -----Original Message-----
> From: David Honig
> Sent: Monday, June 09, 2003 6:42 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Keyservers and Spam
>
> Why not publish your key under a bogus name that goes no-where?
The answer is simple. I cannot publish a PGP key under a false name, because if I did, who would sign it to attest that it genuinely did belong to the person to whom it claimed to belong? Would you?

If _anyone_ signed a key with a bogus name on it, and got found out, then _their_ credibility as a key-signer would go down the plug-hole, which in turn would mean that PGP users would decrease their trust in the key of the signer, which in turn would mean that any OTHER key signed by that signer would immediately become less trusted. I, personally, would never sign a bogus key. If I ever did find someone who was prepared to sign a bogus key (including one which was created by me), then MY trust in THEM would immediately drop to zero. And what good to me is a key which is signed by someone whose authentication credentials I don't trust? If we allow this, then the entire web-of-trust disintegrates.

There is a parallel thread in this list on paypal-spoofing. It demonstrates what can happen if someone signs a bogus key. It demonstrates why no-one with any REAL credibility would ever do such a thing. When you place your signature on someone else's PGP key, you are attesting that you, personally, vouch for the authenticity of the key's claim of ownership.

Now, I don't have any problem with centralised CAs signing as many bogus keys as they like. It makes no difference to me because I don't trust them, and I don't trust their certificates. But the web-of-trust is a different animal. The web of trust is based on the idea that YOU decide whom you trust, and you DON'T trust people who sign bogus keys.

So ... if you believe (as I do) that a PGP key is untrustworthy unless there is a chain of signers reaching from you to it, matching the settings in your PGP configuration file, then posting a bogus key becomes completely pointless. On the other hand ... if the key is NOT bogus, then it has my real name on it, and the spam problem remains.
I have seen very little discussion of this point, anywhere. The few replies I have had to my original question suggest that there simply _is_ no solution, except live with it. Either don't publish your key (which means that no-one can find your key even if they have a priori knowledge of your email address), or do (and accept the price in spam). This seems to be the reality of how it is.

This being the case, I am now starting to wonder if it might be time to invent a new PGP keyserver protocol which addresses this issue. Keyservers could then start to implement the new protocol, and, in time, the problem would be solved.

Does this make sense? Is this reasonable?

Jill

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
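The chain-of-signers argument in Jill's post, as an added toy model (not the poster's code and not PGP's actual implementation): key validity is computed from signatures by signers whose own keys are already valid, using PGP-style completes/marginals thresholds, and the names, signature graph and owner-trust values are constructed for illustration. Dropping owner trust to "none" for a signer caught certifying a bogus name shows how every other key that depended on that signer loses validity.

```python
from typing import Dict, Set

# Constructed sample (hypothetical names): signer -> keys that signer has certified.
SIGNATURES: Dict[str, Set[str]] = {
    "alice": {"bob", "carol"},
    "bob": {"dave", "frank", "bogus-name"},  # bob also certified a key with a bogus name
    "carol": {"dave", "erin"},
    "dave": {"erin"},
}

# Owner trust the user (alice) assigns to each signer: "full", "marginal" or "none".
OWNER_TRUST: Dict[str, str] = {"alice": "full", "bob": "full",
                               "carol": "marginal", "dave": "marginal"}


def valid_keys(me: str, signatures: Dict[str, Set[str]], owner_trust: Dict[str, str],
               completes_needed: int = 1, marginals_needed: int = 2) -> Set[str]:
    """Keys reachable from `me` through a chain of trusted signers.

    The user's own key is always valid. Another key becomes valid once it carries
    enough signatures from signers whose keys are themselves valid: at least
    `completes_needed` fully trusted signers or `marginals_needed` marginally
    trusted ones (mirroring the thresholds in a PGP configuration). Iterates to a
    fixpoint, since a signature only counts after the signer's own key is valid."""
    signers_of: Dict[str, Set[str]] = {}
    for signer, keys in signatures.items():
        for key in keys:
            signers_of.setdefault(key, set()).add(signer)
    valid = {me}
    while True:
        added = False
        for key, signers in signers_of.items():
            if key in valid:
                continue
            full = sum(1 for s in signers if s in valid and owner_trust.get(s) == "full")
            marginal = sum(1 for s in signers if s in valid and owner_trust.get(s) == "marginal")
            if full >= completes_needed or marginal >= marginals_needed:
                valid.add(key)
                added = True
        if not added:
            return valid


def distrust_bogus_signers(signatures: Dict[str, Set[str]], owner_trust: Dict[str, str],
                           bogus_keys: Set[str]) -> Dict[str, str]:
    """Set owner trust to 'none' for anyone who certified a key known to be bogus."""
    return {s: ("none" if signatures.get(s, set()) & bogus_keys else t)
            for s, t in owner_trust.items()}
```

Running `valid_keys("alice", SIGNATURES, OWNER_TRUST)` validates all seven keys, bogus one included; after `distrust_bogus_signers(..., {"bogus-name"})` only alice, bob and carol remain valid, because dave, erin and frank all depended on bob's certifications.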