newbie question about identities

Ben Finney
Sat Oct 4 10:49:02 CEST 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 03-Oct-2003, rhkelly wrote:
> If you think of it, the purpose of Public Key Infrastructure (PKI) is
> directly opposite to the notion of anonymity.

Almost, but see below.

> (If I can be flippant here, that which is *public* can not be
> *anonymous*).

On the contrary; PKI enables anonymity *and* trust, by giving assurance
of continuity between anonymous messages.

Anonymous remailer networks allow messages to be reliably sent without
information traceable to a particular human being.  This is great for
anonymity, but not so good for integrity of the information or assurance
of continuity between messages.

If those messages are OpenPGP signed, however, it can be trivially
determined, with a strong degree of assurance, that the same person did
or did not send two separate anonymous messages.

A single OpenPGP key, if we trust that it is handled properly, gives a
good assurance of integrity; but it doesn't necessarily allow us to
determine the person in the real world.  Anonymity *and* continuity.

For an active, practical implementation of this, see Invisiblog:


 \     "Tis more blessed to give than to receive; for example, wedding |
  `\                                   presents."  -- Henry L. Mencken |
_o__)                                                                  |
Ben Finney <>

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3 (GNU/Linux)



More information about the Gnupg-users mailing list