hashed user IDs [was: Re: Security of the gpg private keyring?]

Robert J. Hansen rjh at sixdemonbag.org
Wed Mar 2 05:07:19 CET 2011


> The benefits of your phone number being ex-directory are the benefits
> that derive from it being harder for people to obtain your phone
> number without your permission, harder to link the number to your
> name/address, and impossible to find your address or phone number by
> looking in the phone book.

Here the analogy breaks down.  Generally speaking there is only one telephone directory for a given geographic area, which makes it possible for you to keep your phone number private by keeping it out of that one directory.

Email doesn't work the same way.  There is no centralized directory.  To keep your email private requires that you fastidiously keep it out of thousands, tens of thousands of directories.  This doesn't strike me as very practical.

The benefits of keeping a telephone number out of the directory do not seem analogous to keeping an email address off the certificate servers.




More information about the Gnupg-users mailing list