hashed user IDs [was: Re: Security of the gpg private keyring?]

MFPA expires2011 at ymail.com
Thu Mar 3 01:21:11 CET 2011

Hash: SHA512


On Wednesday 2 March 2011 at 8:14:08 PM, in
<mid:4D6EA510.7080408 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:

> it sounds to me like you've simply made it difficult
> for people to correspond with you over long periods of
> time because your e-mail address isn't likely to
> continue working.

Not especially so. The ones I use for mailing lists etc. change
periodically. This makes no difference to people contacting me, since
they should be doing it via the list. Ones I use with specific
individuals or groups of people, some are quite fleeting while others
persist for years.

> If your only concern is that you don't want your e-mail
> address publicly visible on the keyservers, just make a
> User ID with no e-mail address at all, and leave it at
> that.

> You'd still need to do the work of changing, say, MUAs
> to re-think their key-selection criteria to include
> keys without e-mail addresses

Something that would not be necessary if the underlying openPGP
implementations could handle hashed user IDs.

> But you wouldn't have to do any of the following:

>  * specify and try to reach consensus on the syntax of
> a "standard" Hashed User ID

Isn't that best handled *after* a proof-of-concept?

>  * modify underlying OpenPGP implementations to try
>  digested searches

Could these be handled by a local proxy? The openPGP implementation
(which is configured to use the local proxy as keyserver, and not to
check the local keyring) queries the proxy using the plaintext search
string. The proxy checks the local keyring for both the plaintext
search string and the hash, and returns the combined results to the
openPGP implementation. The proxy (simultaneously?) queries a
keyserver for both the plaintext search string and the hash. If there
were matches in the local keyring, the keyserver results are discarded
(or cached?). If there were no matches in the local keyring, the
combined results from the keyserver are returned to the openPGP
implementation and keys may be imported as normal.

>  * convince third-parties that it is worth their while
> to certify digested user IDs

That is not necessarily harder than convincing them to sign user IDs
wit no email address.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

Zorba the Greek - before he zorbas you


More information about the Gnupg-users mailing list