Ergo, there should be a web-of-trust. The web-of-trust is the most powerful idea in PGP; if you just want pke, there's RSA etc. With a community and a web of trust, you don't need a root cert. In fact the whole root cert logic of X509 and the rest is inherently totalitarian, and should be considered harmful.

This escalation has already happened with Chip and Pin credit cards. South Africa has high levels of breaking and entering, and small portable items like credit cards are a favourite target. Until recently the pattern was a break in when the residents were out of the house, but now it more often happens when the house is occupied, so they can get the PIN numbers of the cards from the owners.

The result is that the banks enjoy the comfort of a slight reduction in credit card theft, but home owners suffer a major increase in the scariness of crime.

The next step iin this escalation has become a thriller movie cliche – cutting off a finger or removing an eyeball to gain biometric identification.

Yes, I've been thinking about identity since OpenTech as well -- particularly as it pertains to my thesis topic!

An identity is a person-reference, a pointer that produces a person when you dereference it. In my head, I have a great many person-references, each of which uniquely represents one of the people I know. (One of them represents myself -- literally the identity identity!)

Identities almost always have many properties associated with them. That person's legal name, nicknames, what their face looks like, the sound of their voice, their reputations for various functions, their public key identifier, all kinds of information.

Most people, when they're talking about their identity, are in fact usually referring to one or more of these identifiers.

Properties that are associated with an identity can sometimes be used as identifiers; i.e. given an unknown person's public key ID, I can lookup whether any of the identities in my head match that person. (Usually through the use of a memory prosthesis.) This is not always possible; sometimes, a given identifier is ambiguous, or of insufficient fidelity to reliably identify a unique person -- for example, in the case of a fuzzy photograph.

Authentication, then, is merely the act of resolving an unknown person's identity to a high degree of confidence, usually through the use of measuring hard-to-forge identifiers, validation of a secret key, or both.

Is the person that you think of as Joe Bloggs the same person that I think of when you use that name? If we're both part of the same small village, then the answer will usually be "yes". If we're both part of the same large city, then the answer is most likely to be "no". And this is the problem when we start to use self-selected identifiers to refer to people.

Now, in many real-world circumstances, you need to look up some property -- such as a public key -- of someone you don't already know, but for whom you have some kind of identifier -- such as a name or email address.

But we know that names are not unique; there's an argument that we shouldn't care what name someone has claimed for themselves on their OpenPGP credential, because it simply doesn't matter -- it's their email address which we're using as a unique global identifier. Effectively, it's just a human-readable checksum, a safety feature so that a human can spot more easily a mistakenly looked-up identity.

Unfortunately, our only way to verify a person's email address is to exercise it -- and email is not secure against eavesdropping or misdirection, particularly in the face of vulnerabilities in the domain-name system. (As an aside, those who haven't seen the DNS security advisories published today, you should look up CVS-2008-1447.)

I will sign Improbulus' key, just as I signed Spy Blog's key; at certification level 2 ("casual verification"), since through having friends in common who can say "Yes, that's the real Improbulus", combined with public and private online discussions, I am confident that the person who stood before me proffering a key fingerprint is the same as the online Improbulus you can find in Google. My experience could have been faked, but it would have been a lot of effort for somebody to go to, and I can't see how it would be worth it (security is all about tradeoffs).

I signed Spy Blog's, on the other hand, because the key fingerprint the guy claiming to be Spy Blog gave me matches the one on his web site, so again there's a reasonable likelihood that the key really belongs to the guy behind Spy Blog and not to a man in the middle who'd love to find out who's blowing what whistles.

It would be rather easier (and certainly within the werewithall of the intelligence services) to man-in-the-middle Spy Blog, and then send an agent pretending to be the guy behind it to OpenTech handing out the fingerprint of a fraudulent key. But it would probably be easier for them to just set up Spy Blog themselves as a honeypot. Indeed, they could subvert driving licence-based key signatures; they have the facility to print as many driving licences and passports as they wish.

However, if Mr. Spy Blog is who he says he is and not an MI5 honeypot operation, then he can protect himself against cheaper Internet-only man-in-the-middle attacks by, in person and online, getting people to sign his key. If the key has a long history of being signed by various people, some notable, some who are friends of friends of friends of yourself, it's very likely to have actually existed for some time - meaning that The Authorities can't just create a false key and slide it onto the Spy Blog web server (or force the upstream ISP to intercept HTTP requests for it and replace the key with their own) whenever they feel the urge; by linking that identity into a web of trust, it requires more complex, expensive, and forward-thinking operations to have subverted that web from the outset.

To conclude, thinking about security questions like this is complex. But it's also good fun!

But do we expect the general public to learn all this stuff so they can be secure online? Well, I think that as we move to an increasingly online society, they will anyway - so many kids these days use online social networking services that the consequences of letting other people know your password are becoming second-nature obvious to them in ways that previous generations haven't had to spot. I think that as communications technology becomes more widespread - and if, hopefully, public key crypto technology becomes more widespread - people will just pick this stuff up organically and it'll become second nature. And we'll have a more secure society because of it.

Any reputation I have in technology has been built up under this name and I want to keep it, and be able to prove it's me. If you searched my real name online, you'd find nothing at all of significance related to computing, though maybe a mention or two in music.

I just want to be able to prove I am the person known online as "Improbulus" and, as importantly, if someone else tries to say they're Improbulus and posts things purporting to be from me, I can disprove that - e.g. through people signing my keys to that effect, and I am more than happy to be held accountable as "Improbulus".

I wish there was a way of doing so. Or maybe there is: people signing my Improbulus keys as such. Whoever wrote the excellent ORG wiki page on key signing parties at http://www.openrightsgroup.org/orgwiki/index.php/Keysigning_parties (was it you??) clearly understood this ("take the public part of somebody's digital identity, and then use your own digital identity to create a signed digital document stating that you trust that the holder of that identity really is who the identity claims it is (which can be their real name, or a pseudonym you believe them to rightfully hold)".

I hope those who refused to sign my Improbulus keys without seeing my driving licence/passport showing my real name will read this post - and http://www.w4kwh.org/privacy/keysign.html which clearly envisages signing pseudonyms and providing a mechanism for doing that even for an identity without a meatspace equivalent (and no one who's met me can deny I DO have a meatspace equivalent!). What do they want, a blog post about them, a meta tag, blood (for a genetic fingerprint)??