Ah. I've never thought of PKI as a means of verifying identity in and of itself - more a means of continuing to trust an already established identity, or of being reasonably sure that I'm talking to person X and only person X, even if I don't otherwise know who person X is.
So wechsler@ukcycling.info is no longer Wechsler. Well, that's OK, because the person who now owns that doesn't have Wechsler's private key, so suddenly e-mails coming from that address are unsigned, or signed with a different key, either of which might cause me to go 'Ah - I'm no longer sure that's the Wechsler I know'. Wechsler's private key is then associated with an e-mail address that's no longer valid for him, but as soon as he's told me what his new e-mail address is I can update my records. I still trust his public key itself, and can verify documents signed with it and encrypt documents that only he can read (even if I have to wait to find out where to send them).
no subject
Date: 2002-06-11 05:59 am (UTC)