newbie question about identities

Atom 'Smasher'
Fri Oct 3 20:58:01 CEST 2003

> > let's say i have 2 identities....
> >         employee@big-corp
> >          radical@big-corp-sucks
> >
> > obviously, each of these identities should be kept *FAR* apart.
> Perhaps it would be better to state the problem in a more
> fundamental form: the first identity requires no anonymity,
> the second does.

you raise a good point, but for this thread the concern is whether or not
either identity can be deduced using a shared key-pair (which it can,
although the handbook seems misleading on the subject), and what is the
simplest way to avoid that (which seems to be that each identity has its
own key-pair).

both identities may have a need for trusted (aka, not anonymous) secure
email.... it's not that one party needs anonymity, it's really that both
IDs have to remain isolated from each other.... obviously, if both IDs are
sending mail from the same account on a server, that would be a way to
determine that they belong to the same person... there are many places
where a person can screw up, but i'm trying to find out how much of that
rests in the keys...

i agree that the documentation is lacking in all areas of anonymity, but
that's not what i'm going after, here. there are many steps beyond the
scope of this thread for keeping one (or more) identities anonymous.

> If you think of it, the purpose of Public Key Infrastructure
> (PKI) is directly opposite to the notion of anonymity.
> (If I can be flippant here, that which is *public* can not
> be *anonymous*). Thus, no matter what the implementation
> details and protocols are, PKI will be detrimental to
> anonymity. Anything/anybody that requires anonymity should
> steer clear of PKI. (please note I said 'PKI', and *not*
> 'public key cryptosystems').
> It is, IMHO, quite disturbing that many novices do not
> understand this, and that the problem of anonymity is
> never addressed by the extensive GPG documentation.
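
Added example, not part of the original post: every user ID on a key is published under the same primary-key fingerprint, which is why a shared key-pair links the two identities for anyone who holds the public key. The Python below groups user IDs by fingerprint from output in the layout of `gpg --list-keys --with-colons` and reports keys carrying more than one identity; the listing, key IDs, fingerprints and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed listing in the layout of `gpg --list-keys --with-colons`.
# Key IDs, fingerprints and UID hashes are made up; the first key carries both
# identities from the thread, the second key carries a single identity.
SAMPLE = """\
pub:u:2048:1:1111111111111111:1065000000:::u:::scESC:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAA1111111111111111:
uid:u::::1065000000::0000000000000000000000000000000000000001::employee@big-corp:
uid:u::::1065000100::0000000000000000000000000000000000000002::radical@big-corp-sucks:
sub:u:2048:1:2222222222222222:1065000000::::::e:
fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCC2222222222222222:
pub:u:2048:1:3333333333333333:1065000200:::u:::scESC:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBB3333333333333333:
uid:u::::1065000200::0000000000000000000000000000000000000003::solo@example.org:
"""

def _unescape(field):
    # gpg writes ':' and control bytes inside a field as \xNN
    return re.sub(r"\\x([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), field)

def uids_by_key(listing):
    """Map primary-key fingerprint -> user IDs bound to that key."""
    keys = defaultdict(list)
    current, prev = None, None
    for line in listing.splitlines():
        f = line.split(":")
        rec = f[0]
        if rec in ("pub", "sec"):
            current = None                 # a new key block starts here
        elif rec == "fpr" and prev in ("pub", "sec") and len(f) > 9:
            current = f[9]                 # primary fingerprint, not a subkey's
            keys[current]                  # register the key even without uids
        elif rec == "uid" and current and len(f) > 9:
            keys[current].append(_unescape(f[9]))
        prev = rec
    return dict(keys)

def linked_identities(listing):
    """Keys whose public half exposes more than one user ID together."""
    return {k: v for k, v in uids_by_key(listing).items() if len(v) > 1}

if __name__ == "__main__":
    for fpr, uids in linked_identities(SAMPLE).items():
        print(fpr, "links:", ", ".join(uids))
```

With one key-pair per identity, as the post suggests, the same check reports nothing for either key.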


