deny multiple mails per fingerprint

[skariel]

This is problematic because:

1. Mail is an "identity", just like a github user name is. Having multiple mails, or multiple github user names per fingerprint would cause identity confusion -- a single key would represent multiple identities, which goes against the principle of clear identity mapping that the service provides. This could complicate the trust model.
2. Privacy Issues: When someone looks up a key, which email should be returned? This complicates the get email command and permission system.

Is there a specific usecase for multiple mails per fingerprint?

Path to solution:

• mark fingerprints as unique in schema
• verify in handleregister
• remove duplicates and send notification mail

[sebbu2]

I have multiple mails and (gpg and ssh, 2 of each) keys on my github username.
Thoses 2 gpg keys each have multiple email associated.

For 2, it could just return all of them.
For 1... I can hide my email on github / gitlab, so each would generate me a private email, but i use the same key on both.

[skariel]

ok, this is a fair usecase. I'm closing this issue and opening a new one #14 (support multiple mails per key). initially will be treated as a signle entity, more granularity can be added as needed

[skariel]

hi an update: I started implementing this, and noticed that having multiple fingerprints per mail and multiple mails per fingerprint results in a graph, and checking for permissions now requires a connected component analysis.

so I intend to implement it. however due to the complexity my plan is to first finish writing some tests, and then moving to sqlc, then doing some schema refactoring, and finally implementing this feature. so it may take some time...