newbie question about identities
Sat Oct 4 10:49:02 CEST 2003
Content-Type: text/plain; charset=us-ascii
On 03-Oct-2003, rhkelly wrote:
> If you think of it, the purpose of Public Key Infrastructure (PKI) is
> directly opposite to the notion of anonymity.
Almost, but see below.
> (If I can be flippant here, that which is *public* can not be
On the contrary; PKI enables anonymity *and* trust, by giving assurance
of continuity between anonymous messages.
Anonymous remailer networks allow messages to be reliably sent without
information traceable to a particular human being. This is great for
anonymity, but not so good for integrity of the information or assurance
of continuity between messages.
If those messages are OpenPGP signed, however, it can be trivially
determined, with a strong degree of assurance, that the same person did
or did not send two separate anonymous messages.
A single OpenPGP key, if we trust that it is handled properly, gives a
good assurance of integrity; but it doesn't necessarily allow us to
determine the person in the real world. Anonymity *and* continuity.
For an active, practical implementation of this, see Invisiblog:
\ "Tis more blessed to give than to receive; for example, wedding |
`\ presents." -- Henry L. Mencken |
Ben Finney <firstname.lastname@example.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-users