
If you have a PGP key bound to your email, yeehaw@woot.com, and you change the email in the key to haha@yougotserved.com, it produces a definitive hash change, while the underlying key material doesn't change.

Contrast that with an SSH key, which has no bound metadata.

And to your point, both systems in isolation are useless. But the first, combined with proofs and a distribution point like Keybase, forms a complete system. The second, however, ALWAYS relies on a trusted party not doing bad things.




Right, I guess what I was more critical of wasn’t a hash confirmation of associated data — it’s more the trivial bypass of this when the key is compromised in the first place. Theoretically, a user doesn’t export their key, or if they do, it’s in a tightly controlled manner which limits surface area for exposure to only the source and destination. So in this scenario, the only way a private key is exposed is if one of the user’s devices is compromised, in which case the promise of associated data is meaningless.
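The binding discussed in this thread, as an added example that is not part of either comment: it computes the OpenPGP v4 fingerprint (key packet only) and the digest a v4 self-certification signs over key plus user ID, following RFC 4880 sections 12.2 and 5.2.4. Reading the thread's "hash" as that certification digest is an assumption, as are the constructed key bytes, the choice of SHA-256 and all function names.

```python
import hashlib
import struct

# Constructed sample: v4 Ed25519 public-key packet body (not a real key).
CREATED = 1_500_000_000
ED25519_OID = bytes.fromhex("2b06010401da470f01")
POINT = b"\x40" + bytes(range(32))  # constructed public point, 0x40 prefix
KEY_BODY = (b"\x04" + struct.pack(">I", CREATED) + b"\x16"  # version, time, algo 22
            + bytes([len(ED25519_OID)]) + ED25519_OID
            + struct.pack(">H", 263) + POINT)  # MPI: bit count, then value


def key_prefix(body: bytes) -> bytes:
    """Key packet as it is hashed: 0x99, two-octet length, body."""
    return b"\x99" + struct.pack(">H", len(body)) + body


def fingerprint(body: bytes) -> str:
    """v4 fingerprint: SHA-1 over the key packet only; no user ID involved."""
    return hashlib.sha1(key_prefix(body)).hexdigest()


def certification_digest(body: bytes, user_id: str, sig_type: int = 0x13) -> str:
    """Digest a v4 certification covers: key, user ID, signature fields, trailer."""
    uid = user_id.encode("utf-8")
    # One hashed subpacket: signature creation time (length 5, type 2).
    hashed_sub = b"\x05\x02" + struct.pack(">I", CREATED)
    # Version 4, signature type, pubkey algo 22, hash algo 8 (SHA-256).
    sig_fields = bytes([4, sig_type, 22, 8]) + struct.pack(">H", len(hashed_sub)) + hashed_sub
    trailer = b"\x04\xff" + struct.pack(">I", len(sig_fields))
    h = hashlib.sha256()
    h.update(key_prefix(body))
    h.update(b"\xb4" + struct.pack(">I", len(uid)) + uid)  # user ID binding
    h.update(sig_fields + trailer)
    return h.hexdigest()


def compare(uid_a: str, uid_b: str) -> dict:
    """Same key material, two user IDs: one fingerprint, two signed digests."""
    return {
        "fingerprint": fingerprint(KEY_BODY),
        "digest_a": certification_digest(KEY_BODY, uid_a),
        "digest_b": certification_digest(KEY_BODY, uid_b),
    }


if __name__ == "__main__":
    for name, value in compare("yeehaw@woot.com", "haha@yougotserved.com").items():
        print(f"{name}: {value}")
```

The fingerprint is identical for both user IDs, while the digest the key holder signs differs, so a verifier checking the self-signature detects a swapped email without the key material changing.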



