public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Pieter Wuille <pieter.wuille@gmail.com>
To: Brian Hoffman <brianchoffman@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Does anyone have anything at all signed by Satoshi's PGP key?
Date: Mon, 15 Sep 2014 16:55:47 +0200	[thread overview]
Message-ID: <CAPg+sBg3fVHB-zHa=gY_04BPW50v6ZVyFozQ6KcPc+a_3NPsig@mail.gmail.com> (raw)
In-Reply-To: <CAADm4BARhLUrQSk1xy_Rk_rmXw=RkrX7y_+a57HmJbUKwpQLHA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 5482 bytes --]

WoT is a perfectly reasonable way to establish trust about the link between
an online identity and a real world identity.

In the case of a developer with an existing reputation for his online
identity, that link is just irrelevant.
On Sep 15, 2014 4:52 PM, "Brian Hoffman" <brianchoffman@gmail.com> wrote:

> In the context of Bitcoin I will concede that perhaps it holds true for
> now.
>
> I also never said the actual credential you receive from a government
> agency is trustable. I completely agree that they are forgeable and not
> necessarily reliable. That was not my point. I was referring to the vetting
> process before issuance.
>
> Just as you have behavioral characteristics online that contribute to
> trusting an "identity" you also exhibit in person attributes, such as
> physically being in a specific location at a certain time or blue eyes or
> biometrics, that are valuable. You simply cannot capture those in an
> online-only world. I don't see how you can deny the value there.
>
> You are most certainly and undeniably the expert in the Bitcoin context
> here so I will not even attempt to argue with you on that, but I just think
> it's not realistic to ignore the value of an in-person network in other
> contexts. You called it "geek wanking" with no qualifier "in the Bitcoin
> context" so excuse me if I misunderstood your intent.
>
>
> On Mon, Sep 15, 2014 at 10:33 AM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>
>> It applies to OP, bitcoin community development and Satoshi.
>>
>> "value of in person vetting of identity is undeniable"...  no it is
>> quite deniable. Satoshi is the quintessential example. We value brain
>> output, code.  The real world identity is irrelevant to whether or not
>> bitcoin continues to function.
>>
>> The currency of bitcoin development is code, and electronic messages
>> describing cryptographic theses.  _That_ is the relevant fingerprint.
>>
>> Governmental id is second class, can be forged or simply present a
>> different individual from that who is online.  PGP WoT wanking does
>> not solve that problem at all.
>>
>>
>>
>>
>>
>>
>> On Mon, Sep 15, 2014 at 9:32 AM, Brian Hoffman <brianchoffman@gmail.com>
>> wrote:
>> > I would agree that the in person aspect of the WoT is frustrating, but
>> to dismiss this as "geek wanking" is the pot calling the kettle.
>> >
>> > The value of in person vetting of identity is undeniable. Just because
>> your risk acceptance is difference doesn't make it wanking. Please go see
>> if you can get any kind of governmental clearance of credential without
>> in-person vetting. Ask them if they accept your behavioral signature.
>> >
>> > I know there is a lot of PGP hating these days but this comment doesn't
>> necessarily apply to every situation.
>> >
>> >
>> >
>> >> On Sep 15, 2014, at 9:08 AM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>> >>
>> >>> On Mon, Sep 15, 2014 at 3:23 AM, Thomas Zander <
>> thomas@thomaszander.se> wrote:
>> >>> Any and all PGP related howtos will tell you that you should not
>> trust or sign
>> >>> a formerly-untrusted PGP (or GPG for that matter) key without seeing
>> that
>> >>> person in real life, verifying their identity etc.
>> >>
>> >> Such guidelines are a perfect example of why PGP WoT is useless and
>> >> stupid geek wanking.
>> >>
>> >> A person's behavioural signature is what is relevant.  We know how
>> >> Satoshi coded and wrote.  It was the online Satoshi with which we
>> >> interacted.  The online Satoshi's PGP signature would be fine...
>> >> assuming he established a pattern of use.
>> >>
>> >> As another example, I know the code contributions and PGP key signed
>> >> by the online entity known as "sipa."  At a bitcoin conf I met a
>> >> person with photo id labelled "Pieter Wuille" who claimed to be sipa,
>> >> but that could have been an actor.  Absent a laborious and boring
>> >> signed challenge process, for all we know, "sipa" is a supercomputing
>> >> cluster of 500 gnomes.
>> >>
>> >> The point is, the "online entity known as Satoshi" is the relevant
>> >> fingerprint.  That is easily established without any in-person
>> >> meetings.
>> >>
>> >> --
>> >> Jeff Garzik
>> >> Bitcoin core developer and open source evangelist
>> >> BitPay, Inc.      https://bitpay.com/
>> >>
>> >>
>> ------------------------------------------------------------------------------
>> >> Want excitement?
>> >> Manually upgrade your production database.
>> >> When you want reliability, choose Perforce
>> >> Perforce version control. Predictably reliable.
>> >>
>> http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
>> >> _______________________________________________
>> >> Bitcoin-development mailing list
>> >> Bitcoin-development@lists.sourceforge.net
>> >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>>
>> --
>> Jeff Garzik
>> Bitcoin core developer and open source evangelist
>> BitPay, Inc.      https://bitpay.com/
>>
>
>
>
> ------------------------------------------------------------------------------
> Want excitement?
> Manually upgrade your production database.
> When you want reliability, choose Perforce
> Perforce version control. Predictably reliable.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

[-- Attachment #2: Type: text/html, Size: 7533 bytes --]

  reply	other threads:[~2014-09-15 14:55 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-09-13 13:55 [Bitcoin-development] Does anyone have anything at all signed by Satoshi's PGP key? Peter Todd
2014-09-13 14:03 ` Jeff Garzik
2014-09-14  6:28   ` Peter Todd
2014-09-15  7:23     ` Thomas Zander
2014-09-15  9:49       ` Melvin Carvalho
2014-09-15 13:08       ` Jeff Garzik
2014-09-15 13:32         ` Brian Hoffman
2014-09-15 14:33           ` Jeff Garzik
2014-09-15 14:49             ` Brian Hoffman
2014-09-15 14:55               ` Pieter Wuille [this message]
2014-09-15 14:38           ` ThomasZander.se
2014-09-15 15:10           ` Thomas Zander
2014-09-15 15:51             ` Matt Whitlock
2014-09-15 16:07               ` Thomas Zander
2014-09-15 16:10               ` Gregory Maxwell
2014-09-15 16:20                 ` Peter Todd
2014-09-15 14:44         ` Venzen
2014-09-15 18:06         ` Justus Ranvier

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAPg+sBg3fVHB-zHa=gY_04BPW50v6ZVyFozQ6KcPc+a_3NPsig@mail.gmail.com' \
    --to=pieter.wuille@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=brianchoffman@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox