On 11/05/2006 10:35 PM somebody named Carlos E. R. wrote:
....
Also, I don't even sign locally keys for which I don't have some kind of verification, even if marginal, because key checking will not tell me the difference when reading an email. But that is a personal choice.
Carlos, I very much appreciate the rigorous care you take when signing others' keys. I also find the documentation on this aspect of key signing rather abstract. So to wax phenomenological, I would see a case for locally signing your (actual) key and would advocate for at least one descriptive category of signature.
Because you have been posting here for quite a while with a consistent key, I can be sure that emails sent to me with this key are from the same person (unless someone else gets your passphrase or hacks your private key... but in that case all bets are off anyway). If you change to a new email account and want to prove to me that you are the same person, all you have to do is send me an email using your current key. I might not know with any certainty that your name really is Carlos or anything else about you, but I do know that you are the same person I have been receiving emails from, even if you send me an email with a different name and different email address.
Conversely, if someone else, say a guy named Scooter, gets control of your email address (or spoofs it) and, further, uses the name Carlos E. R., Scooter could fool a lot of people into thinking he was you... unless people had already imported your key and questioned the fact that he was not using the key for Carlos E. R. Going on the assumption that Scooter was not in possession of your private key, he could not prove (to me, at least) that he was you.
Conversely again, you could change your email address and even change your name-- to, say, Jorge-- and if you used the same key you are using now, people who had already imported your key would know that Jorge and Carlos were the same person. Moreover, were I to (non-locally) sign and upload your key, other people would/should trust that Jorge and Carlos E. R. are one and the same person.
Now the terms "local" and "non-local" (global?) don't describe very well this usage. Nor do the given "levels of trust".
Given the above purposes, there's no question as to *how much* I trust the signature, but rather *what* I trust. The local-global dichotomy doesn't address this manner of trusting, what I would refer to as "personal" or "identical" trusting. That is, I don't know your date of birth, street address, phone number, or even if Carlos E. R. is your true name, but I don't care about those. (Except for your date of birth, all these details about you could be legally changed anyway.) The only trust issue here is personal (and I'm using "person" here in its original, most fundamental sense, from the Latin "per-sonare", to sound through (a mask), what an actor in a drama did/does), one of the identity of the one who may wear different "masks". To trust any communication where the identity of the person we are communicating with is critical, this manner of trusting is critical, regardless of whether we call it global or local.
--
To announce that there must be no criticism of the president, or that we are to stand by the president, right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public. --Theodore Roosevelt, 1918