Problem with faked-system-time option

Hugo Seifert hugo.seifert at hushmail.com
Tue Jun 28 20:13:48 CEST 2011


On Sun, 26 Jun 2011 13:40:10 +0000 Jerome Baum 
<jerome at jeromebaum.com> wrote:

> On Sun, Jun 26, 2011 at 14:16, Hugo Seifert 
> <hugo.seifert at hushmail.com> wrote:
> > Or is the agenda behind GnuPG to provide privacy but forget 
> about
> or even prevent anonymity (...)
> 
> Since when was it called "GNU Anonymity Guard"? Last time I 
> checked,
> it was called "GNU Privacy Guard".

What's in a name?  GnuPG already cares about anonymity interests:

On Fri, Aug 21 1998 18:14:44 CEST, Nimrod Zimerman
<zimerman at forfree.at> wrote:

: A GNUPG patch to enable anonymous encrypted messages
:
: Hello.
: 
: Below is a patch to GNUPG that allows removing the keyid from 
encrypted
: packets (such that one can't know who an encrypted packet is 
destinated
: to), and, obviously, allows decrypting such packets (supplying the
: appropriate userid on the command line).
: 
: Why is this needed? Privacy. When sending an encrypted message 
via a named
: channel (such as 'regular' e-mail), revealing the destination of 
the
: message is something you can't really avoid, and hence the keyid 
on the
: encrypted message doesn't matter. However, when sending a message 
via an
: anonymous channel (through a remailer to a newsgroup, for 
example), adding
: the keyid on the encrypted message is fairly counter productive. 
It might
: not provide potential adversaries the ability to know who can 
read the
: message - but it certainly helps, even if only by aiding in 
traffic
: analysis.
: 
: The solution is quite simple - avoid adding the keyid to 
encrypted messages
: (packets in those messages). This is exactly what the patch does, 
using
: the command-line switch '--throw-keyid'.
: ...

Won't you agree, that a method to alter signature timestamps is a
perfect complement to the --throw-keyid option introduced back then?

Therewith a correct signature timestamp can no longer counteract the
random latency remailers add to the mail delivery time.

Hugo S.




More information about the Gnupg-users mailing list