expires2010 at ymail.com
Tue Mar 16 11:24:52 CET 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 16 March 2010 at 6:02:15 AM, in
<mid:4B9F1EE7.9000404 at gmail.com>, Paul Richard Ramer wrote:
> On Mon, 15 Mar 2010 14:49:32 +0000 MFPA wrote:
>> I don't understand the comment that they were never
>> private information. They will have been private
>> information from their inception up until the time you
>> publicised them or published them.
> I meant that at the time that I decided to include them
> into my key's UIDs, I had already shared those e-mail
> addresses a lot.
I see what you mean, but I would still consider them to be private
information. I have a record of numerous people's email addresses and
phone numbers but each is a piece of private information appertaining
to the person it can be used to contact.
> Given the current system, I think that it would be good
> to educate new adopters that an e-mail address in the
> UID is optional.
So do I.
>> That doesn't only apply to anonymous entities. For
>> example, is today's John Smith the same John Smith I
>> communicated with last week?
> Well, unless you have a way to prove who John Smith is,
> he is about as anonymous as a pseudonymous entity.
That's what I meant: the fact of it being his real name rather than a
pseudonym makes no difference.
> Understood. I think that "private dissemination within
> a public venue" is a better description than "upload
> publicly and download privately".
It also has the feel of quite a catchy slogan. (-;
>> Indeed. The UID hashing idea, that I read about during
>> the life of this thread, would be an additional option
>> to accommodate an increased range of privacy goals.
>> Possibly that particular niche is too marginal to be
>> worth implementing, but it shouldn't be dismissed
>> without consideration.
> Because that niche might be to marginal, I recommended
> that making a working keyserver with those features
> would be the way to go. Then, if the usage is high
> enough, get the other keyservers to implement it.
> If you (or someone else who is interested) have the
> right skills, you could download the SKS keyserver code
> that is located at
> and begin hacking it. Then after you have created
> working code, you could try to get it integrated into
> the existing codebase.
That obviously makes sense.
MFPA mailto:expires2010 at ymail.com
Put knot yore trust inn spel chequers
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users