PGP User ID.
A human-readable string attached to a key — typically your name and email — bound by a signature from the key itself. User IDs are how OpenPGP keys advertise who they belong to. A key can have several (work, personal, alias) and you can add or remove them over the key's lifetime.
A User ID (UID) is a string bound to an OpenPGP key, conventionally
formatted as Name <email@example.com> with an optional comment. It's
attached to the key by a self-signature from the primary, asserting "this identity
belongs to this key."
What it is.
OpenPGP keys do not exist in a cryptographic vacuum: they are bound to identities. A User ID is how an
identity is attached: a string in the conventional format Display Name (Optional
comment) <email@example.com> bound to the primary key by a self-signature.
The self-signature is what proves the key holder is making the identity claim. Anyone can put any string in a User ID slot; the only cryptographic content is the signature from the key asserting "yes, this is mine." When you verify someone's fingerprint and import their key, you're trusting their self-signed User IDs as identity declarations they've made.
A key can have multiple User IDs. Common patterns: one key with both work and personal email; one key with name + alias for online communities; one key with name in multiple scripts (Latin + native-script). All bound to the same primary key, sharing the same fingerprint.
Why it matters.
User IDs are what humans search for when they look up a key. "Find the PGP key for
journalist@nytimes.com" is a User ID lookup. Keyservers and WKD index by the
email portion of User IDs. Whether a signature is "valid" against a specific identity
depends on whether that identity is listed as a User ID on the signing key.
They're also where the mismatch with the git author email comes from when GitHub shows
"Unverified" instead of the Verified badge. Git wants the commit author email to match a
User ID on the signing key. If you use you@personal.com in git but your PGP key only has
you@work.com as a User ID, the signature is mathematically valid but the
identity claim doesn't line up.
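The check described above, as an added example (not code from this page or from PGPony): it parses User IDs out of `gpg --list-keys --with-colons` output, skips revoked, expired and invalid ones, and tests whether a git author email is listed on the key. The sample key listing is constructed, the function names are hypothetical, and comparing emails case-insensitively is a simplifying assumption.

```python
import re

# Constructed sample of `gpg --list-keys --with-colons` output (not a real key).
# Field 1 = record type, field 2 = validity, field 10 = User ID string.
SAMPLE = """\
pub:u:255:22:AAAAAAAAAAAAAAAA:1700000000:::u:::scESC:
uid:u::::1700000000::::You Example (work) <You@Work.com>::::::::::0:
uid:r::::1700000000::::You Example <you@old.example>::::::::::0:
uid:u::::1700000000::::Build Bot\\x3a CI::::::::::0:
"""

# Conventional layout: Display Name (Optional comment) <email>
UID_RE = re.compile(
    r"^(?P<name>[^(<]*?)\s*(?:\((?P<comment>[^)]*)\))?\s*"
    r"(?:<(?P<email>[^<>]+)>)?$")

def unescape(field):
    # gpg quotes special characters C-style in this format, e.g. ':' is \x3a
    return re.sub(r"\\x([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), field)

def parse_uid(uid):
    m = UID_RE.match(uid.strip())
    if not m:  # a User ID is a free-form string; the layout is only a convention
        return {"name": uid, "comment": None, "email": None}
    return {k: (v or None) for k, v in m.groupdict().items()}

def usable_uids(colons_output):
    # gpg has already checked the self-signatures when it reports validity;
    # this function only reads that result, it does not verify anything itself.
    out = []
    for line in colons_output.splitlines():
        f = line.split(":")
        if f[0] != "uid" or len(f) < 10:
            continue
        if f[1] in ("r", "e", "i"):  # revoked, expired, invalid
            continue
        out.append(parse_uid(unescape(f[9])))
    return out

def email_on_key(email, colons_output):
    # Assumption: compare the whole address case-insensitively.
    want = email.strip().lower()
    return any(u["email"] and u["email"].lower() == want
               for u in usable_uids(colons_output))
```

With the sample above, `email_on_key("you@work.com", SAMPLE)` is true, while `you@personal.com` and the revoked `you@old.example` are not found.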