Secret key holder identity (was: Local file encryption)

NikNot niknot at
Tue Feb 20 00:16:44 CET 2007

On 2/19/07, Joseph Oreste Bruni <jbruni at> wrote:

> It's funny you mention this: I got into an argument with a
> "consultant" about how X.509 certificates are a privacy violation
> because your identity is encoded into the "subject" field. I kept
> asking him, "How would you know whose cert. it is without it?" At any
> rate, there are lot of bozos in the world posing as "security
> experts" who shouldn't be taken seriously.

(Its not clear (to me) from the above what was "the bozo" saying: that
the certificates _are_ or _are not_ a privacy violation?)

I find it very interesting that Phil Zimmemann, who invented WOT,
apparently realizes that times are changing, and that WOT has
outlived its usefullness; specifically because - unlike perhaps at
the time of birth of PGP - trafic analysis is a threat that may be
naively ignored only in geek kindergartens, but not in the real life.


More information about the Gnupg-users mailing list