key question

Paul Richard Ramer free10pro at gmail.com
Sat Mar 6 09:54:41 CET 2010


Hello MFPA,

During this whole debate, you have assumed one thing in your argument
that I don't believe anyone has pointed out as being flawed.  You have
assumed that the person (I will call him John Doe) would have decided
to create a UID that contained the personal information that he wants
to keep private.

If the person wanted badly to keep his e-mail address, or his e-mail
address and his name, private, why would he put them on his key.
Especially, when he knows that all it takes is one slip up or
deliberate upload to send his public key flying across the Internet
and into a keyserver to remain there forever.

Here are three examples of John Doe wanting to keep the privacy of his
personal information and still use PGP.  I am using these examples,
because they are usage cases that you have used in your arguments.
The usage cases are as follows: (a) John Doe doesn't want to disclose
his e-mail address; (b) John Doe doesn't want to disclose his name
or e-mail address; (c) John Doe doesn't want to disclose his name or
e-mail address, because he fears that his government will send him
to a gulag if they catch him.

Usage Case (a)
--------------

John Doe knows that he doesn't, under any circumstances, want his
e-mail address to be disclosed to the public.  So instead of creating a
UID without his e-mail address, he creates one with his e-mail address.
He gives his key to only those that he wants to communicate with,
which are his friends, family, coworkers, and even business clients.

Everything goes well for John.  His key is off the keyservers, and
it isn't posted anywhere public.  One day while John is fetching
someones keys, he decides, just for kicks, to search for his key on
the keyserver.  John is horrified.  His key is on the keyserver.

Usage Case (b)
--------------

John Doe knows that he doesn't, under any circumstances, want his
name or e-mail address to be disclosed to the public, because he
only wants to communiate with a select group of people.  So instead
of creating a UID without a real name and e-mail address, he creates
one with his name and e-mail address.  After all, he will only use
it with people he trusts.

For communicating with the web at large, he uses a pseudonym and
a disposable e-mail address.  But even though John is separates
communications with people he knows from people he doesn't know,
he still doesn't want his personal information on the Internet.
For this reason, John is careful to ensure that his key isn't publicly
available.

One day, a friend tells John that he wants to apologize to John.
The friend tells John that he accidentally uploaded John's key to
the keyservers.

Usage Case (c)
--------------

John Doe knows that he doesn't, under any circumstances, want his
name or e-mail address to be disclosed the public, because he doesn't
want the government to discover that he is using PGP.  So instead of
creating a UID without his name and e-mail address, he creates one
with his name and e-mail address.

John is careful to share his key with only those that he trusts.
Everything goes well with John (that is, things are only as good as
it can go for the poor guy).  His key isn't anywhere the government
could look for it.

One day, one of John's trusted family members, who lives in a freer
country, accidently uploads John's key to a keyserver.  The family
member doesn't even realize that he did this.  And John doesn't know
that this was done.

--------------

In each of these cases, John Doe made the mistake of thinking that
he could keep his personal information in his key, and that he could
keep his key off the keyservers.  If John were to make the wisest
decision about keeping his personal informaton secret, wouldn't he
choose to not include this information in a key that is probable to
end up in a public venue?

-Paul

--
Please use my PGP key when sending me e-mail, if you can.

PGP Key ID: 0x3DB6D884
PGP Fingerprint: EBA7 88B3 6D98 2D4A E045  A9F7 C7C6 6ADF 3DB6 D884

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100306/e1ecbcdd/attachment.pgp>


More information about the Gnupg-users mailing list