hashed user IDs [was: Re: Security of the gpg private keyring?]

[Robert J. Hansen]

On 3/12/2011 5:25 PM, MFPA wrote:
> A desire to not publish my email addresses (but still have somebody
> who knows any of my addresses find my key on a server) does not equate
> to an assumption that somebody wants to harvest email addresses from
> servers.

Yes, it does.

If nobody's looking for people's email addresses, then there's no need
to not publish email addresses.  And if there's a need to not publish
email addresses, that's because somebody's looking for them.

> Is not about providing complete confidentiality, anonymity or
> security. Instead of leaving a document open on the desk, this scheme
> is more akin to putting it in the drawer or cupboard than it is to
> putting it in the safe. Not secure but good enough in many
> circumstances.

It is not good enough right now to prevent an even moderately skilled
attacker from recovering email addresses.  A work factor of 10 billion
means I write a Perl script, let my iMac work for a week, and fill up a
$100 hard drive.

This scheme offers the illusion of security instead of actual security:
and I feel selling people an illusion is a deeply corrupt act.

"If we use this blinding scheme it will look like it works but in
reality anyone who wants to map out the Web of Trust will probably just
be delayed for a week and the majority of users will think they're secure."

I mean, really, is that what you want to sell?  Or should this be taken
as a, "the idea of blinded UIDs is a good one, but this idea is
inadequate and should be taken back to the drawing board"?