1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <jgarzik@bitpay.com>) id 1XTXLV-0001mK-V5
for bitcoin-development@lists.sourceforge.net;
Mon, 15 Sep 2014 14:33:37 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of bitpay.com
designates 209.85.213.181 as permitted sender)
client-ip=209.85.213.181; envelope-from=jgarzik@bitpay.com;
helo=mail-ig0-f181.google.com;
Received: from mail-ig0-f181.google.com ([209.85.213.181])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1XTXLT-00082M-NT
for bitcoin-development@lists.sourceforge.net;
Mon, 15 Sep 2014 14:33:37 +0000
Received: by mail-ig0-f181.google.com with SMTP id h3so4019205igd.8
for <bitcoin-development@lists.sourceforge.net>;
Mon, 15 Sep 2014 07:33:29 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:in-reply-to:references:from:date
:message-id:subject:to:cc:content-type:content-transfer-encoding;
bh=r45vzk7XgHqlxlATpSNApDomGLQoMgsJ5sKCxFRtOnY=;
b=kN9997BNVwYUCTq1FDJUhno0/ewIXlahrtFhbENTS8JaLBCH+5iECDZnKjy6/pw2tY
yWp8AYZmAFjOJoxAF8Ppty/JkPkTk1aXjXpg3T+sAsW1Iuwn67z2rPD1BPHXweJXLm9O
b9FKKHgESC3EXAGjMwVNZfM6PN/NkPAMfp3vCV7KuWiDVQxjAJcrTUyqutrhZ7vYFYKM
ExPVvOf/0c4L1QXUa8uoF+z8bb9rLoKE8MAMXxyLw+ZAaS1mi+BPEK2nrF+uZ4oo3wca
hwrDtx76Cd3tHMJDcVq4uhsdokpJnBiaDnNvTUcIegBvMiYVueVxGiW7c/fbtoYrs0Zc
kM6A==
X-Gm-Message-State: ALoCoQnzknSho7lDLO3HAv5x3HsfbPHV6th6SzaV6UwBRLtQmZnJlKvIgcB81a97kKsry8G0URYg
X-Received: by 10.43.158.195 with SMTP id lv3mr27103865icc.30.1410791609523;
Mon, 15 Sep 2014 07:33:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.153.149 with HTTP; Mon, 15 Sep 2014 07:33:09 -0700 (PDT)
In-Reply-To: <3E354504-0203-4408-85A1-58A071E8546A@gmail.com>
References: <20140913135528.GC6333@muck>
<CAJHLa0MaE3Ki5Hs4Tu4dQNBW-EL-857N2kf-fVxYcXM6OO-84w@mail.gmail.com>
<20140914062826.GB21586@muck>
<201409150923.02817.thomas@thomaszander.se>
<CAJHLa0Owjs=6vhy_RSD+VSAZgBq2pSYv5HhCdA4-XCGgX=Z6dA@mail.gmail.com>
<3E354504-0203-4408-85A1-58A071E8546A@gmail.com>
From: Jeff Garzik <jgarzik@bitpay.com>
Date: Mon, 15 Sep 2014 10:33:09 -0400
Message-ID: <CAJHLa0PX+e98ad4W+oLc=TL6t6EELv=q4JEG=0YKKa7Uz4+MQA@mail.gmail.com>
To: Brian Hoffman <brianchoffman@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XTXLT-00082M-NT
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Does anyone have anything at all signed
by Satoshi's PGP key?
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2014 14:33:38 -0000
It applies to OP, bitcoin community development and Satoshi.
"value of in person vetting of identity is undeniable"... no it is
quite deniable. Satoshi is the quintessential example. We value brain
output, code. The real world identity is irrelevant to whether or not
bitcoin continues to function.
The currency of bitcoin development is code, and electronic messages
describing cryptographic theses. _That_ is the relevant fingerprint.
Governmental id is second class, can be forged or simply present a
different individual from that who is online. PGP WoT wanking does
not solve that problem at all.
On Mon, Sep 15, 2014 at 9:32 AM, Brian Hoffman <brianchoffman@gmail.com> wr=
ote:
> I would agree that the in person aspect of the WoT is frustrating, but to=
dismiss this as "geek wanking" is the pot calling the kettle.
>
> The value of in person vetting of identity is undeniable. Just because yo=
ur risk acceptance is difference doesn't make it wanking. Please go see if =
you can get any kind of governmental clearance of credential without in-per=
son vetting. Ask them if they accept your behavioral signature.
>
> I know there is a lot of PGP hating these days but this comment doesn't n=
ecessarily apply to every situation.
>
>
>
>> On Sep 15, 2014, at 9:08 AM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>>
>>> On Mon, Sep 15, 2014 at 3:23 AM, Thomas Zander <thomas@thomaszander.se>=
wrote:
>>> Any and all PGP related howtos will tell you that you should not trust =
or sign
>>> a formerly-untrusted PGP (or GPG for that matter) key without seeing th=
at
>>> person in real life, verifying their identity etc.
>>
>> Such guidelines are a perfect example of why PGP WoT is useless and
>> stupid geek wanking.
>>
>> A person's behavioural signature is what is relevant. We know how
>> Satoshi coded and wrote. It was the online Satoshi with which we
>> interacted. The online Satoshi's PGP signature would be fine...
>> assuming he established a pattern of use.
>>
>> As another example, I know the code contributions and PGP key signed
>> by the online entity known as "sipa." At a bitcoin conf I met a
>> person with photo id labelled "Pieter Wuille" who claimed to be sipa,
>> but that could have been an actor. Absent a laborious and boring
>> signed challenge process, for all we know, "sipa" is a supercomputing
>> cluster of 500 gnomes.
>>
>> The point is, the "online entity known as Satoshi" is the relevant
>> fingerprint. That is easily established without any in-person
>> meetings.
>>
>> --
>> Jeff Garzik
>> Bitcoin core developer and open source evangelist
>> BitPay, Inc. https://bitpay.com/
>>
>> ------------------------------------------------------------------------=
------
>> Want excitement?
>> Manually upgrade your production database.
>> When you want reliability, choose Perforce
>> Perforce version control. Predictably reliable.
>> http://pubads.g.doubleclick.net/gampad/clk?id=3D157508191&iu=3D/4140/ost=
g.clktrk
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
--=20
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc. https://bitpay.com/
|
