Thursday, 19 April 2018

authorship - E-mail address to use in publications


It is customary to use one's academic e-mail address as contact address in publications; I have seen once or twice an @gmail.com address being used instead, but it simply looked unprofessional.


However, I already experienced personally twice that system administrators love to deactivate e-mail addresses when people leave the institution. In a time when serving 1 GB of data costs one cent, apparently it is too demanding to set up forwarding for a few old users.



This leads to "e-mail rot" in many published papers, also for addresses that are explicitly designated as contact addresses. If one happens to have a popular name, it might become difficult to identify them using a search engine after the e-mail address becomes invalid.


What is your proposed solution to this problem? Should we (well, the ones of us that have tenure and power) put pressure on system administrator to change this practice? Should we use in our publications a different, more stable e-mail address than the academic one? Should we maybe get rid of the e-mail and contact address in papers overall? Should we insist that the journal publishers set up an alternative contact system (good luck with that)?


Related question: Changing mailing and e-mail addresses as corresponding author--which to include?



Answer



Since Piotr's answer and the discussion following it states the most important points (while an academic email address may become invalid, a private one provides no means to verify the author's actual affiliation, or even suggest the author doesn't identify with it), here's my suggestion:



  1. Create a PGP key+ for your private email address

    • optionally add your academic email address as another identity




  2. Have your key signed, e.g. by

    • colleagues

    • your institution's sysadmin

    • a key exclusively for your academic email adress



  3. Publish the key, e.g. at http://pgp.mit.edu/

  4. Ask the publisher to include your public key+ or at least the footprint in the publication


    • The online version should even link to the key entry to make verification easier




Now everyone can easily check your affiliation while you've made sure you can be contacted in the future - you can even add alternative email addresses to you key later on (the upload can be updated), and everyone will be able to deduce that should your original address not be reachable any more, you might be reachable via one of the other addresses associated with your public key.


As an additional benefit, now both you and your co-authors can sign the publication itself, adding another level of trust that this is truly authored (or sometimes rather endorsed, if you're so honest ;) by each of you. And since you now have PGP keys anyway, you can also sign and/or encrypt your emails, making electronic communication both more trustworthy and less prone to leaks. Also, it keeps the NSA out for a while.




+ In case you're not familiar with PGP:


You create a pair of keys consisting of a secret key (which you and only you shall ever possess) and a public key (which you are supposed to make as public as possible/required). The secret key can be used to put a signature on anything digital, like messages, files, protocols, papers or other people's public key, and anyone can use the matching public key to verify that this signature stems from that secret key, and thus (hopefully) from you. Reversely, anyone can encrypt data for you with your public key that only you can decrypt again with your secret key (messages can be encrypted for multiple recipients as well if required). Since everyone can sign anyone's key, you obtain the Web of trust, a network of keys that allows you to estimate how reliable the association of a key to an actual person is without having to exchange public keys in person. (The downside is, your email address is public and social engineering is possible, but we're responsible adults, right?)



A great open source implementation of the Open PGP standard is the GNU Privacy Guard


No comments:

Post a Comment

evolution - Are there any multicellular forms of life which exist without consuming other forms of life in some manner?

The title is the question. If additional specificity is needed I will add clarification here. Are there any multicellular forms of life whic...