> What that doesn't seem to address are multiple people with the same name. So the sender know he's sending an email only John Doe can read, but he still don't know which John Doe it is.
That's not the way I read this. Governikus validates the names match, but they're linking the PGP key with the government ID, which should have some sort of unique identifier. What Governikus ought to be signing is a link between the PGP key and the government card's unique identifier. The name ought to be purely informational, and I wouldn't be surprised if the government has a public service showing the name of a person after supplying the unique ID as a parameter.
It does not have such a service. In fact, it is prohibited to use the document number for any other purpose than identifying the document itself, even for government entities.
That's not the way I read this. Governikus validates the names match, but they're linking the PGP key with the government ID, which should have some sort of unique identifier. What Governikus ought to be signing is a link between the PGP key and the government card's unique identifier. The name ought to be purely informational, and I wouldn't be surprised if the government has a public service showing the name of a person after supplying the unique ID as a parameter.