[Cryptography] People vs AI
Bill Stewart
billstewart at pobox.com
Wed Mar 12 14:47:31 EDT 2025
On 3/12/2025 11:34 AM, Jon Callas wrote:
>> On Mar 12, 2025, at 00:06, Marek Tichy <marek at gn.apc.org> wrote:
>> Have we lost the web-of-trust track here? If Bob who I know in person tells me that Alice is a person then I have very good reasons to believe that Alice is a person, even though I never met her.
>
> Do you?
>
> There seems to be an assumption in here that a person would neither lie nor be mistaken about it. I have long comments, but a short one here is how you'd handle a pseudonym. How does a person who wants to have a pseudonym and be known by that demonstrate they're a person?
>
> Personally, I think the web-of-trust is problematic in many ways, one of the primary ones being the issue I bring up in the previous paragraph. How does someone who has a pseudonym get verified?
IIRC it was Phil Zimmermann who referred to one problem with WoT being
his friend who he could trust personally but who had terrible judgement.
That was back when the threat model wasn't "are they a human?",
but usually "are they a cop/spy/provocateur?" as well as
"are they really That Person or an imposter?"
I've signed keys for both Lucky Green and Black Unicorn, having met them
in person and decided that they were _probably_ the people who used
those names online. (For Lucky, I'd say 100%; Unicorn maybe 95% :-)
More information about the cryptography
mailing list