First of all, I think systems that make people associate arbitrary
long strings with someone's email address aren't really acceptable.
I'll repeat that my model is "give someone your email address on a
napkin in a bar". I do things like this often enough right now.

On Wed, 28 Aug 2013 06:41:27 -0400 Jerry Leichter <>
> On the underlying matter of changing my public key:  *Why* would I
> have to change it?

Because people make mistakes and reveal security critical information
to the world at intervals. Because computers are sometimes
compromised. A system that does not permit you to recover from rare
events is not going to deploy very well.

I think that to begin with, though, a system that requires people to
somehow associate arbitrary strings with their friends won't work

Anyway, I proposed a system to handle id to key mappings with
reasonable trust in the first of my three messages on my proposed new
model -- it also happens to handle revocation reasonably well
(though imperfectly).

Perry E. Metzger      
The cryptography mailing list

Reply via email to