key question

Robert J. Hansen rjh at
Fri Feb 26 18:04:36 CET 2010

On 2/26/10 10:53 AM, MFPA wrote:
> There are privacy issues, especially if user-ids on the key contain 
> email addresses.

This isn't persuasive.  It's been hammered out tons of times, and no one
has ever presented a strong argument for keeping email addresses secret.
 Usually the same arguments are marshaled against it again and again,
and those are the same arguments that have not been persuasive.

> In some cases, the authorities knowing an individual used encryption
> could be a problem.

Why?  Because they have a key on the keyservers?  If this is what you're
worried about, rest easy: there are so many easier ways to learn whether
someone uses encrypted email that I can't imagine competent
law-enforcement searching the keyservers.

For instance, in the United States the authorities can get your email
headers without a warrant.  That means to, from, subject, routing
information, and all the kluges.  Check the kluges on this email and I'm
pretty sure you'll see kluges related to Enigmail.  Presto, at that
point people know I'm using a crypto-aware MTA.

Investigators also don't develop very many leads based on "gee, this
person uses crypto."  Many more leads are developed based on kludge
investigation -- what security geeks call "traffic analysis."  If they
nab a child pornographer and discover that you always emailed him
between one and three days before the child pornographer uploaded a new
set of images, well... that's the kind of interesting coincidence which
will start a federal investigation.  The fact you have a crypto key, not
so much.

> There is the issue of controlling the image that is portrayed by the
> signatures on your key.

That image can only be portrayed if the viewers are ignorant of how the
WoT works.  What you are saying here is, "we must change the way we act
in order to accommodate the prejudices of the ignorant."

Did that in high school -- it was the most disastrous social experiment
of my life.  I've seen nothing in the last twenty years to make me think
I should repeat this experiment.

> Other than that, how the presence of my key on a keyserver foster the
> use of encryption when emailing me? It will probably not be noticed
> by anybody who doesn't use OpenPGP already.

The second sentence is a tautology.  "OpenPGP technologies will probably
not be used by people who don't use OpenPGP already."  It's trivially
true, which is to say that it's a true statement which leads nowhere.

Speaking for myself, I've used the keyservers on several occasions.
I'll meet someone in person, they'll give me their key ID and
fingerprint, and then later on I'll pull down their key ID, verify their
fingerprint, and then use it for communication with them.

I have my OpenPGP fingerprint at the bottom of my business card for just
this reason.  When I hand out cards at conferences, I not only tell
people how to contact me, but I give people all the information they
need to contact me securely.  I know several other people who do the
same thing.

> What's not to agree with in my statement that not everybody wants to
> put their keys on the keyservers?

I don't think we agree that's your statement.  Not everybody believes
the world is round, or that the Earth orbits the sun.  You can always
find at least *one* person who believes some nonsense, and the fact that
not *everyone* agrees is not evidence that these minority fringe
viewpoints should be allowed to substantially influence mainstream usage.

The fact you are arguing so passionately for this point of view leads me
to believe you have a horse in this race, and that you want to persuade
other people to not upload keys by default.

If all you're saying is, "there are people in the world who do not
understand the keyserver network and get unhinged when others upload
their public keys to it," then sure, I agree.  Thread's dead, next
subject, we'll continue to use the keyserver network and they'll
continue to get unhinged.

More information about the Gnupg-users mailing list