Possible Feature Request (was Re: Security Concerns)
Tue Nov 5 17:55:01 2002
* MindFuq <email@example.com> [2002-11-03 21:27]:
> By clearsigning, you're not revealing anything about your private key,
> other than who the owner is. i.e. I can intercept and copy your
> signature, paste it into the window at www.pgpdump.net, and it will
> reveal the keyID of the public key needed to verify it. I could then
> look on the key servers and find out that the key belongs to you, and
> thus, verify the message came from you.
> So the only danger would be if you needed to send a message to someone
> anonymously (maybe using an anonymous remailer) so that no
> eavesdroppers could know your identity, but such that the receiver
> needed to verify your identity. In this case, it would not work. You
> would have to encrypt your signature w/in the message. If you
> clearsign an anonymously remailed message, then anyone who has your
> public key or anyone who can retrieve it from a keyserver can verify
> that you sent the message.
I came across the --throw-keyid switch today. It's an interesting
switch, in that it withholds the keyid of the receiver from the
encrypted packets. As a test, I tried clearsigning to see if it would
withhold my keyid from the signature.
Didn't happen. But wouldn't that be an interesting feature? It would
protect a sender in the traffic analysis case described above. The
receiver would either have to know who the message belongs to, or try
all the public keys on their keyring.. but at least traffic analyzers
would have one less piece of information.
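
Added example, not part of the original post: a minimal reader for the OpenPGP signature packet inside a clearsign block (layout per RFC 4880), pulling out the issuer key ID that the quoted text describes pgpdump revealing and that any observer can read without holding a key. The sample block, its key ID 0123456789ABCDEF and the function names are constructed for illustration.

```python
import base64
import struct

def dearmor(text):
    """Return the binary packets inside an ASCII-armored PGP SIGNATURE block."""
    inner = text.split("-----BEGIN PGP SIGNATURE-----")[1].split("-----END")[0]
    lines = inner.strip().splitlines()
    if "" in lines:                      # armor headers end at the first blank line
        lines = lines[lines.index("") + 1:]
    return base64.b64decode("".join(l for l in lines if not l.startswith("=")))

def issuer_key_ids(pkt):
    """Key IDs readable from one signature packet without holding any key."""
    hdr = pkt[0]
    if (hdr & 0xC0) == 0x80 and (hdr & 3) < 3:     # old-format header, definite length
        tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
        blen, off = int.from_bytes(pkt[1:1 + n], "big"), 1 + n
    elif (hdr & 0xC0) == 0xC0 and pkt[1] < 192:    # new-format header, one-octet length
        tag, blen, off = hdr & 0x3F, pkt[1], 2
    else:
        raise ValueError("packet header form not handled in this example")
    body = pkt[off:off + blen]
    if tag != 2 or body[0] not in (3, 4):
        raise ValueError("not a v3/v4 signature packet")
    if body[0] == 3:                     # v3: key ID sits at a fixed offset
        return [body[7:15].hex().upper()]
    ids, pos = [], 4                     # v4: walk hashed, then unhashed subpackets
    for _ in range(2):
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos < end:
            n = body[pos]; pos += 1      # subpacket length (includes the type octet)
            if 192 <= n < 255:
                n = ((n - 192) << 8) + body[pos] + 192; pos += 1
            elif n == 255:
                n = int.from_bytes(body[pos:pos + 4], "big"); pos += 4
            if body[pos] & 0x7F == 16:   # subpacket type 16 = issuer key ID
                ids.append(body[pos + 1:pos + 9].hex().upper())
            pos += n
    return ids

def constructed_sample():
    """Constructed signature block: made-up key ID, timestamp and signature value."""
    hashed = b"\x05\x02" + struct.pack(">I", 1036000000)        # creation time
    unhashed = b"\x09\x10" + bytes.fromhex("0123456789ABCDEF")  # issuer
    body = (bytes([4, 0x01, 17, 2]) + len(hashed).to_bytes(2, "big") + hashed
            + len(unhashed).to_bytes(2, "big") + unhashed + b"\xab\xcd\x00\x01\x01")
    b64 = base64.b64encode(bytes([0x88, len(body)]) + body).decode()
    return f"-----BEGIN PGP SIGNATURE-----\nVersion: constructed\n\n{b64}\n-----END PGP SIGNATURE-----\n"
```

Calling `issuer_key_ids(dearmor(constructed_sample()))` returns the key ID in clear, which is the piece of information the post suggests withholding.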