key question

MFPA expires2010 at
Sun Feb 28 17:19:57 CET 2010

Hash: SHA512

Hi John

On Saturday 27 February 2010 at 10:21:20 PM, you wrote:

> MFPA wrote:

>> My contention is that the de
>> facto standard of revealing email addresses in key UIDs could actually be
>> mitigating *against* the use of encrypted mail, by discouraging people from
>> publishing keys or even from using openPGP in the first place.

> An /interesting/ thesis, However, to be taken seriously you need to back it up
> with more than conjecture. There are plenty of obstacles to the widespread use
> of encryption in the computing literature without grasping at straws to create more.

I'm not creating an extra obstacle. I'm highlighting an existing
obstacle about which I have consistently found almost no discussion.

I refer you to a thread at where the OP
proposes removing this obstacle by (optionally) hashing the email
address in the UID and particularly the final post at
which covers issues other than the OP's perceived spam threat.

>> There is a widespread perception (rightly or wrongly) that exposing your
>> email address publicly on the internet will lead to that email address being
>> spammed into oblivion. The new openPGP user is exhorted to create a key pair
>> using their name and email address as the UID, and to upload this key to a
>> server. That advice, coupled with the default configuration's enforcement of
>> including an email address (or something that appears to be one) clearly has
>> the potential to scare potential users from experimenting with openPGP in the
>> first place.

> Widespread perception? Indeed? Please quantify.

Before you even look at real privacy concerns, a Google search for
"avoid spam" (without quotes) says there are over 38 million matches.
That's pretty widespread, even if some of those 38 million are
promoting spam filters and other such measures.

> Odds on users will get more SPAM from asking a question
> on a public mailing list such as this one than they will from that attributable
> to keyservers.

Assuming that SPAM (rather than privacy) worries are the obstacle in
their mind, postings saying that keyserver spam is not an issue will
not be all that a potential user researching the matter will find.

They could go to a keyserver, search on a fairly common name, and
in a matter of seconds, display a page containing hundreds of email

Then, finding
would likely concern them, especially when they read the line "It used
to be possible to extract keys from the PGP keyservers, which meant
that a low-tech spammer could nab 5-20000 email addresses"

They might also find where somebody
describes creating and uploading a key with a freshhly-crafted
spamgourmet address, which started receiving spam the following day.

> "(rightly or wrongly)" Or imaginary?

Do I imagine that I can do a search and find seemingly endless advice
about munging, temporary/disposible addresses, care over giving out
your address or posting it to a website or newsgroup? I'm sure I do
not. Whether right or wrong, the perception definitely exists and has
given rise to writings in many quarters..

> Rather than trying to convince us of new
> "obstacles" without providing any evidence, you may wish to review what the HCI
> folks say are the obstacles: "Why Johnny Can't Encrypt"[1], "Why Johnny Still
> Can't Encrypt"[2], "How to Make Secure Email Easier to Use"[3], and a personal
> favorite, "Secrecy, Flagging, and Paranoia: Adoption Criteria in Encrypted
> E-Mail"[4].

Interesting. I had already read [1] and [2].

My would-be user reads up about openPGP. He finds that it's the de
facto standard for his key UID to show his email address. The software
user guides and the community recommend the key be published to the
keyservers. That sets his alarm-bells ringing; he gives up before even
reaching any of the documented obstacles.

> [...]

> I've seen errant ideas criticized, not any person.

Skimming back over some posts in the thread, I still see it.
But, hey, no harm done.

> I think most of us agree that the publishing of another person's key(s) is
> mostly attributable to a) accident, or b) ignorance. I don't think malice
> normally is a factor.

I suspect that's true, although the only time it has so far happened
to me was an act of malice.

- --
Best regards

MFPA                    mailto:expires2010 at

When you're caffeinated, all is right with the world


More information about the Gnupg-users mailing list