diff options
| author | Brian Hoffman <brianchoffman@gmail.com> | 2014-09-15 10:49:14 -0400 |
|---|---|---|
| committer | bitcoindev <bitcoindev@gnusha.org> | 2014-09-15 14:49:26 +0000 |
| commit | b89ce64dc60c9393ab49008830126eb88045fd18 (patch) | |
| tree | 269584272f75978a600deacd0f6d622ecfb568f8 | |
| parent | 9270cec2a7fb20333d543c3d8abcdc3a2e522588 (diff) | |
| download | pi-bitcoindev-b89ce64dc60c9393ab49008830126eb88045fd18.tar.gz pi-bitcoindev-b89ce64dc60c9393ab49008830126eb88045fd18.zip | |
Re: [Bitcoin-development] Does anyone have anything at all signed by Satoshi's PGP key?
| -rw-r--r-- | cf/195056b64936a9b0ca424801e67918f65f2ed2 | 319 |
1 files changed, 319 insertions, 0 deletions
diff --git a/cf/195056b64936a9b0ca424801e67918f65f2ed2 b/cf/195056b64936a9b0ca424801e67918f65f2ed2 new file mode 100644 index 000000000..8981b9f6b --- /dev/null +++ b/cf/195056b64936a9b0ca424801e67918f65f2ed2 @@ -0,0 +1,319 @@ +Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] + helo=mx.sourceforge.net) + by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) + (envelope-from <brianchoffman@gmail.com>) id 1XTXao-000335-9o + for bitcoin-development@lists.sourceforge.net; + Mon, 15 Sep 2014 14:49:26 +0000 +Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com + designates 209.85.192.170 as permitted sender) + client-ip=209.85.192.170; envelope-from=brianchoffman@gmail.com; + helo=mail-pd0-f170.google.com; +Received: from mail-pd0-f170.google.com ([209.85.192.170]) + by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) + (Exim 4.76) id 1XTXai-0007k6-Ay + for bitcoin-development@lists.sourceforge.net; + Mon, 15 Sep 2014 14:49:26 +0000 +Received: by mail-pd0-f170.google.com with SMTP id fp1so6440727pdb.1 + for <bitcoin-development@lists.sourceforge.net>; + Mon, 15 Sep 2014 07:49:14 -0700 (PDT) +MIME-Version: 1.0 +X-Received: by 10.70.41.10 with SMTP id b10mr13200382pdl.72.1410792554541; + Mon, 15 Sep 2014 07:49:14 -0700 (PDT) +Received: by 10.70.55.167 with HTTP; Mon, 15 Sep 2014 07:49:14 -0700 (PDT) +In-Reply-To: <CAJHLa0PX+e98ad4W+oLc=TL6t6EELv=q4JEG=0YKKa7Uz4+MQA@mail.gmail.com> +References: <20140913135528.GC6333@muck> + <CAJHLa0MaE3Ki5Hs4Tu4dQNBW-EL-857N2kf-fVxYcXM6OO-84w@mail.gmail.com> + <20140914062826.GB21586@muck> + <201409150923.02817.thomas@thomaszander.se> + <CAJHLa0Owjs=6vhy_RSD+VSAZgBq2pSYv5HhCdA4-XCGgX=Z6dA@mail.gmail.com> + <3E354504-0203-4408-85A1-58A071E8546A@gmail.com> + <CAJHLa0PX+e98ad4W+oLc=TL6t6EELv=q4JEG=0YKKa7Uz4+MQA@mail.gmail.com> +Date: Mon, 15 Sep 2014 10:49:14 -0400 +Message-ID: <CAADm4BARhLUrQSk1xy_Rk_rmXw=RkrX7y_+a57HmJbUKwpQLHA@mail.gmail.com> +From: Brian Hoffman <brianchoffman@gmail.com> +To: Jeff Garzik <jgarzik@bitpay.com> +Content-Type: multipart/alternative; boundary=047d7bf0d38210babc05031bbdc5 +X-Spam-Score: -0.6 (/) +X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. + See http://spamassassin.org/tag/ for more details. + -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for + sender-domain + 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (brianchoffman[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + 1.0 HTML_MESSAGE BODY: HTML included in message + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from + author's domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-Headers-End: 1XTXai-0007k6-Ay +Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> +Subject: Re: [Bitcoin-development] Does anyone have anything at all signed + by Satoshi's PGP key? +X-BeenThere: bitcoin-development@lists.sourceforge.net +X-Mailman-Version: 2.1.9 +Precedence: list +List-Id: <bitcoin-development.lists.sourceforge.net> +List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> +List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> +List-Post: <mailto:bitcoin-development@lists.sourceforge.net> +List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> +List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> +X-List-Received-Date: Mon, 15 Sep 2014 14:49:26 -0000 + +--047d7bf0d38210babc05031bbdc5 +Content-Type: text/plain; charset=UTF-8 + +In the context of Bitcoin I will concede that perhaps it holds true for now. + +I also never said the actual credential you receive from a government +agency is trustable. I completely agree that they are forgeable and not +necessarily reliable. That was not my point. I was referring to the vetting +process before issuance. + +Just as you have behavioral characteristics online that contribute to +trusting an "identity" you also exhibit in person attributes, such as +physically being in a specific location at a certain time or blue eyes or +biometrics, that are valuable. You simply cannot capture those in an +online-only world. I don't see how you can deny the value there. + +You are most certainly and undeniably the expert in the Bitcoin context +here so I will not even attempt to argue with you on that, but I just think +it's not realistic to ignore the value of an in-person network in other +contexts. You called it "geek wanking" with no qualifier "in the Bitcoin +context" so excuse me if I misunderstood your intent. + + +On Mon, Sep 15, 2014 at 10:33 AM, Jeff Garzik <jgarzik@bitpay.com> wrote: + +> It applies to OP, bitcoin community development and Satoshi. +> +> "value of in person vetting of identity is undeniable"... no it is +> quite deniable. Satoshi is the quintessential example. We value brain +> output, code. The real world identity is irrelevant to whether or not +> bitcoin continues to function. +> +> The currency of bitcoin development is code, and electronic messages +> describing cryptographic theses. _That_ is the relevant fingerprint. +> +> Governmental id is second class, can be forged or simply present a +> different individual from that who is online. PGP WoT wanking does +> not solve that problem at all. +> +> +> +> +> +> +> On Mon, Sep 15, 2014 at 9:32 AM, Brian Hoffman <brianchoffman@gmail.com> +> wrote: +> > I would agree that the in person aspect of the WoT is frustrating, but +> to dismiss this as "geek wanking" is the pot calling the kettle. +> > +> > The value of in person vetting of identity is undeniable. Just because +> your risk acceptance is difference doesn't make it wanking. Please go see +> if you can get any kind of governmental clearance of credential without +> in-person vetting. Ask them if they accept your behavioral signature. +> > +> > I know there is a lot of PGP hating these days but this comment doesn't +> necessarily apply to every situation. +> > +> > +> > +> >> On Sep 15, 2014, at 9:08 AM, Jeff Garzik <jgarzik@bitpay.com> wrote: +> >> +> >>> On Mon, Sep 15, 2014 at 3:23 AM, Thomas Zander <thomas@thomaszander.se> +> wrote: +> >>> Any and all PGP related howtos will tell you that you should not trust +> or sign +> >>> a formerly-untrusted PGP (or GPG for that matter) key without seeing +> that +> >>> person in real life, verifying their identity etc. +> >> +> >> Such guidelines are a perfect example of why PGP WoT is useless and +> >> stupid geek wanking. +> >> +> >> A person's behavioural signature is what is relevant. We know how +> >> Satoshi coded and wrote. It was the online Satoshi with which we +> >> interacted. The online Satoshi's PGP signature would be fine... +> >> assuming he established a pattern of use. +> >> +> >> As another example, I know the code contributions and PGP key signed +> >> by the online entity known as "sipa." At a bitcoin conf I met a +> >> person with photo id labelled "Pieter Wuille" who claimed to be sipa, +> >> but that could have been an actor. Absent a laborious and boring +> >> signed challenge process, for all we know, "sipa" is a supercomputing +> >> cluster of 500 gnomes. +> >> +> >> The point is, the "online entity known as Satoshi" is the relevant +> >> fingerprint. That is easily established without any in-person +> >> meetings. +> >> +> >> -- +> >> Jeff Garzik +> >> Bitcoin core developer and open source evangelist +> >> BitPay, Inc. https://bitpay.com/ +> >> +> >> +> ------------------------------------------------------------------------------ +> >> Want excitement? +> >> Manually upgrade your production database. +> >> When you want reliability, choose Perforce +> >> Perforce version control. Predictably reliable. +> >> +> http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk +> >> _______________________________________________ +> >> Bitcoin-development mailing list +> >> Bitcoin-development@lists.sourceforge.net +> >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development +> +> +> +> -- +> Jeff Garzik +> Bitcoin core developer and open source evangelist +> BitPay, Inc. https://bitpay.com/ +> + +--047d7bf0d38210babc05031bbdc5 +Content-Type: text/html; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"ltr">In the context of Bitcoin I will concede that perhaps it h= +olds true for now.<div><br></div><div>I also never said the actual credenti= +al you receive from a government agency is trustable. I completely agree th= +at they are forgeable and not necessarily reliable. That was not my point. = +I was referring to the vetting process before issuance.</div><div><br></div= +><div>Just as you have behavioral characteristics online that contribute to= + trusting an "identity" you also exhibit in person attributes, su= +ch as physically being in a specific location at a certain time or blue eye= +s or biometrics, that are valuable. You simply cannot capture those in an o= +nline-only world. I don't see how you can deny the value there.</div><d= +iv><br></div><div>You are most certainly and undeniably the expert in the B= +itcoin context here so I will not even attempt to argue with you on that, b= +ut I just think it's not realistic to ignore the value of an in-person = +network in other contexts. You called it "geek wanking" with no q= +ualifier "in the Bitcoin context" so excuse me if I misunderstood= + your intent.=C2=A0</div><div><br></div></div><div class=3D"gmail_extra"><b= +r><div class=3D"gmail_quote">On Mon, Sep 15, 2014 at 10:33 AM, Jeff Garzik = +<span dir=3D"ltr"><<a href=3D"mailto:jgarzik@bitpay.com" target=3D"_blan= +k">jgarzik@bitpay.com</a>></span> wrote:<br><blockquote class=3D"gmail_q= +uote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1e= +x">It applies to OP, bitcoin community development and Satoshi.<br> +<br> +"value of in person vetting of identity is undeniable"...=C2=A0 n= +o it is<br> +quite deniable. Satoshi is the quintessential example. We value brain<br> +output, code.=C2=A0 The real world identity is irrelevant to whether or not= +<br> +bitcoin continues to function.<br> +<br> +The currency of bitcoin development is code, and electronic messages<br> +describing cryptographic theses.=C2=A0 _That_ is the relevant fingerprint.<= +br> +<br> +Governmental id is second class, can be forged or simply present a<br> +different individual from that who is online.=C2=A0 PGP WoT wanking does<br= +> +not solve that problem at all.<br> +<br> +<br> +<br> +<br> +<br> +<br> +On Mon, Sep 15, 2014 at 9:32 AM, Brian Hoffman <<a href=3D"mailto:brianc= +hoffman@gmail.com">brianchoffman@gmail.com</a>> wrote:<br> +> I would agree that the in person aspect of the WoT is frustrating, but= + to dismiss this as "geek wanking" is the pot calling the kettle.= +<br> +><br> +> The value of in person vetting of identity is undeniable. Just because= + your risk acceptance is difference doesn't make it wanking. Please go = +see if you can get any kind of governmental clearance of credential without= + in-person vetting. Ask them if they accept your behavioral signature.<br> +><br> +> I know there is a lot of PGP hating these days but this comment doesn&= +#39;t necessarily apply to every situation.<br> +><br> +><br> +><br> +>> On Sep 15, 2014, at 9:08 AM, Jeff Garzik <<a href=3D"mailto:jga= +rzik@bitpay.com">jgarzik@bitpay.com</a>> wrote:<br> +>><br> +>>> On Mon, Sep 15, 2014 at 3:23 AM, Thomas Zander <<a href=3D"= +mailto:thomas@thomaszander.se">thomas@thomaszander.se</a>> wrote:<br> +>>> Any and all PGP related howtos will tell you that you should n= +ot trust or sign<br> +>>> a formerly-untrusted PGP (or GPG for that matter) key without = +seeing that<br> +>>> person in real life, verifying their identity etc.<br> +>><br> +>> Such guidelines are a perfect example of why PGP WoT is useless an= +d<br> +>> stupid geek wanking.<br> +>><br> +>> A person's behavioural signature is what is relevant.=C2=A0 We= + know how<br> +>> Satoshi coded and wrote.=C2=A0 It was the online Satoshi with whic= +h we<br> +>> interacted.=C2=A0 The online Satoshi's PGP signature would be = +fine...<br> +>> assuming he established a pattern of use.<br> +>><br> +>> As another example, I know the code contributions and PGP key sign= +ed<br> +>> by the online entity known as "sipa."=C2=A0 At a bitcoin= + conf I met a<br> +>> person with photo id labelled "Pieter Wuille" who claime= +d to be sipa,<br> +>> but that could have been an actor.=C2=A0 Absent a laborious and bo= +ring<br> +>> signed challenge process, for all we know, "sipa" is a s= +upercomputing<br> +>> cluster of 500 gnomes.<br> +>><br> +>> The point is, the "online entity known as Satoshi" is th= +e relevant<br> +>> fingerprint.=C2=A0 That is easily established without any in-perso= +n<br> +>> meetings.<br> +>><br> +>> --<br> +>> Jeff Garzik<br> +>> Bitcoin core developer and open source evangelist<br> +>> BitPay, Inc.=C2=A0 =C2=A0 =C2=A0 <a href=3D"https://bitpay.com/" t= +arget=3D"_blank">https://bitpay.com/</a><br> +>><br> +>> ------------------------------------------------------------------= +------------<br> +>> Want excitement?<br> +>> Manually upgrade your production database.<br> +>> When you want reliability, choose Perforce<br> +>> Perforce version control. Predictably reliable.<br> +>> <a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D1575081= +91&iu=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclic= +k.net/gampad/clk?id=3D157508191&iu=3D/4140/ostg.clktrk</a><br> +>> _______________________________________________<br> +>> Bitcoin-development mailing list<br> +>> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitco= +in-development@lists.sourceforge.net</a><br> +>> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-de= +velopment" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/b= +itcoin-development</a><br> +<span class=3D"HOEnZb"><font color=3D"#888888"><br> +<br> +<br> +--<br> +Jeff Garzik<br> +Bitcoin core developer and open source evangelist<br> +BitPay, Inc.=C2=A0 =C2=A0 =C2=A0 <a href=3D"https://bitpay.com/" target=3D"= +_blank">https://bitpay.com/</a><br> +</font></span></blockquote></div><br></div> + +--047d7bf0d38210babc05031bbdc5-- + + |