From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XTXVu-0002Xz-Uy for bitcoin-development@lists.sourceforge.net; Mon, 15 Sep 2014 14:44:22 +0000 X-ACL-Warn: Received: from [5.255.87.165] (helo=mail.bihthai.net) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1XTXVp-0007UP-4q for bitcoin-development@lists.sourceforge.net; Mon, 15 Sep 2014 14:44:22 +0000 Received: from [192.168.168.254] (unknown [1.46.80.48]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: venzen) by mail.bihthai.net (Postfix) with ESMTPSA id B86E521215 for ; Mon, 15 Sep 2014 16:44:44 +0200 (CEST) Message-ID: <5416FB35.1060700@mail.bihthai.net> Date: Mon, 15 Sep 2014 21:44:05 +0700 From: Venzen Organization: Bihthai Bai Mai User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: bitcoin-development@lists.sourceforge.net References: <20140913135528.GC6333@muck> <20140914062826.GB21586@muck> <201409150923.02817.thomas@thomaszander.se> In-Reply-To: X-Enigmail-Version: 1.5.2 OpenPGP: id=E6F31940; url=keyserver.ubuntu.com Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1XTXVp-0007UP-4q Subject: Re: [Bitcoin-development] Does anyone have anything at all signed by Satoshi's PGP key? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list Reply-To: venzen@mail.bihthai.net List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Sep 2014 14:44:23 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Funny that you should describe WoT that way. According to some psycho-analysts the act of making love to a partner is actually a realization of our subconscious desire to make love to ourselves. So, in this sense, WoT geeks are indeed masturbating, but it's with the good purpose of ensuring that it's being done via the intended recipient and not some imposter or unsuspecting bystander. That's a valid concern, especially as Bitcoin development ranks grow and branch beyond a small core team. On 09/15/2014 08:08 PM, Jeff Garzik wrote: > On Mon, Sep 15, 2014 at 3:23 AM, Thomas Zander > wrote: >> Any and all PGP related howtos will tell you that you should not >> trust or sign a formerly-untrusted PGP (or GPG for that matter) >> key without seeing that person in real life, verifying their >> identity etc. > > Such guidelines are a perfect example of why PGP WoT is useless > and stupid geek wanking. > > A person's behavioural signature is what is relevant. We know how > Satoshi coded and wrote. It was the online Satoshi with which we > interacted. The online Satoshi's PGP signature would be fine... > assuming he established a pattern of use. > > As another example, I know the code contributions and PGP key > signed by the online entity known as "sipa." At a bitcoin conf I > met a person with photo id labelled "Pieter Wuille" who claimed to > be sipa, but that could have been an actor. Absent a laborious and > boring signed challenge process, for all we know, "sipa" is a > supercomputing cluster of 500 gnomes. > > The point is, the "online entity known as Satoshi" is the relevant > fingerprint. That is easily established without any in-person > meetings. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUFvsyAAoJENQRrA3m8xlAwkAH/iRekS+Q0jIzaMPFJjD9Qh2e TTpnQ5MyceeWaEQ9BIS9Lp92k/KlhYUmdaHRmmgOuUQZ6VlOmLSyveMe2qpX3igb jZX3ydZe2hs1D3Z48MFyNBz06eufApSi5LC8BvN4bYotOD+/qrrxag+jaU3NjDu3 yCaSF563ZQ9xXkfh5JoZ3SGBcRmR5bS6QAoR29OQXBubriPwJuVxUBB37cfaL2Nf rc67q2KgpU/vOyucxMFZgoP0vDjxUzXTc2ONrEHGJUfdypMADFwXjxeA8ikOt4ik GIB69wMGQiMeE5e3H337yJxYaZJK4R1KnrSLF0j+Vkl3Yy25duBYAbFUGayeTw0= =xR8K -----END PGP SIGNATURE-----