It is highly unlikely that the two are the same as the have different PGP Keys. The only way they could prove that it is the same person is if they sign the new PGP Key (or a message) with their old PGP Key. If they won't, or they claim to have lost their PGP Key (any reputable vendor would keep a backup for obvious reasons) then they are not who they say they are. Libertas