hashed user IDs [was: Re: Security of the gpg private keyring?]

Robert J. Hansen rjh at sixdemonbag.org
Thu Mar 3 01:33:27 CET 2011


On 3/2/11 6:34 PM, MFPA wrote:
> You are going off at a tangent. The mechanism for preventing the phone
> number being obtainable from a query of the phone book or directory
> enquiry services is not relevant; just the fact that it can easily be
> done.

It's not a tangent at all, and for almost the exact reason you cite.
You would say "it can easily be done."  I would say, "it can easily be
enforced."  I'm not seeing an effective enforcement mechanism here.
Without that, I don't see how it can easily be done.

Basically what you're saying is, "I don't want other people to be able
to publicly share data that I feel personally identifies me."  That's a
perfectly understandable want, but you can't make data uncopyable.
Digital information may be easily and near costlessly copied and shared:
that's just its essential nature.

> 3.      I have email addresses that you don't know.
>         These email addresses are readable from my key's user IDs.
>         It is trivial for you to obtain these email addresses.
> 
> 4.      I have email addresses that you don't know.
>         These email addresses are not readable from my key's user IDs.
>         It is harder for you to obtain these email addresses.

I don't believe 4 is the case at all.  In this era of Facebook, Twitter,
social media and people profligately sharing information, well... this
seems a lot like locking up the barn after the cattle have run off.

> "This phone number is not listed in the phone book or at directory
> enquiries" is easily achieved by being ex-directory; this does not
> affect the usefulness of my telephone service.

You're begging the question: how does it get made ex-directory?  In the
case of a telephone, it's because you have a single point of authority
who will enforce your wishes.  In the case of the certificate servers,
how does it get done?

I'm not saying it shouldn't get done or that I wouldn't like it if it
were done.  I'm only saying that, at present, it doesn't appear it *can*
be done.



More information about the Gnupg-users mailing list