Opportunistic Encryption [Was: Keys not trusted]

Neil Williams linux@codehelp.co.uk
Thu May 15 23:11:02 2003

Hash: SHA1

On Thursday 15 May 2003 6:13 pm, darren chamberlain wrote:
> > I need a little help here.  What, exactly, would an "anonymous" key
> > *mean*?  To what would a document signed by such a key be bound, and
> > why would I care?
> An anonymous key could be used to establish that multiple messages came
> from the same user (or didn't).  

But then it's no longer anonymous. The key can be assigned to a particular 
user or more likely from your scenario, from a particular email account which 
we ASSUME is in use by one person. With no details in the key description to 
identify one unique individual it is also possible (even likely) that the 
anonymous key in question has a blank (or well known) passphrase and is in 
use by many people all operating behind the same email account. A kind of 
corporate key - like the keys that already exist and being used by e.g. 
RedHat and Mandrake.

So seeing as this ability already exists, where's the need?

> It would let you know that the person
> you were corresponding with was the same person from message to message,
> even though it won't tell you who that person is.  It would (or could,
> at least) prevent someone other than the owner of the key from claiming
> to be that person in the future.
> (darren)

But just what happens when hundreds or thousands of these anonymous keys build 
up? There would be no way of correlating how many people could be using them. 

I would not trust anyone using an anonymous key - I'd be tempted to treat all 
messages signed with such a key as spam!

- -- 

Neil Williams


Version: GnuPG v1.0.7 (GNU/Linux)