hashed user IDs [was: Re: Security of the gpg private keyring?]
MFPA
expires2011 at ymail.com
Sun Mar 6 14:12:11 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Thursday 3 March 2011 at 12:33:27 AM, in
<mid:4D6EE1D7.2050707 at sixdemonbag.org>, Robert J. Hansen wrote:
> It's not a tangent at all, and for almost the exact
> reason you cite. You would say "it can easily be done."
> I would say, "it can easily be enforced." I'm not
> seeing an effective enforcement mechanism here. Without
> that, I don't see how it can easily be done.
What would need to be enforced? If a user chose to use hashes when
creating their user-IDs, then all by themself without the need for any
enforcement mechanism they have obscured the data; somebody already in
possession of the data can compare hashes but somebody inspecting the
user-IDs cannot extract the information that is obscured.
> Basically what you're saying is, "I don't want other
> people to be able to publicly share data that I feel
> personally identifies me." That's a perfectly
> understandable want, but you can't make data
> uncopyable. Digital information may be easily and near
> costlessly copied and shared: that's just its essential
> nature.
Precisely the point of using hashes in user-IDs: all that would be
available to copy and share is a hash of the data.
>> 3. I have email addresses that you don't know.
>> These email addresses are readable from my key's user
>> IDs. It is trivial for you to obtain these
>> email addresses.
>> 4. I have email addresses that you don't know.
>> These email addresses are not readable from my key's
>> user IDs. It is harder for you to obtain these
>> email addresses.
> I don't believe 4 is the case at all. In this era of
> Facebook, Twitter, social media and people profligately
> sharing information, well... this seems a lot like
> locking up the barn after the cattle have run off.
Even if you consider the search to be trivial, it is still harder than
not needing to search. I deliberately used the comparative. Now I'm
just being a pedant. (-:
> You're begging the question: how does it get made
> ex-directory? In the case of a telephone, it's because
> you have a single point of authority who will enforce
> your wishes. In the case of the certificate servers,
> how does it get done?
> I'm not saying it shouldn't get done or that I wouldn't
> like it if it were done. I'm only saying that, at
> present, it doesn't appear it *can* be done.
The user already has complete control over what string to use as their
user-ID.
There is nothing stopping anybody from publishing a key with
user-IDs such as
"b735ed0655b5a9017bc102f6b1799aa9959a3251
(55fbb2c0169d568bbd2ced25e1f47737e7ef3a34)
<529ed52d3ec1186584ec75109e732f9b9da3f12d>"
but there is no point without a mechanism for other users to
select that key from an email address (or a name).
- --
Best regards
MFPA mailto:expires2011 at ymail.com
Lotto: A tax on people who are bad at statistics!
-----BEGIN PGP SIGNATURE-----
iQE7BAEBCgClBQJNc4gwnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pgdgEALob
6wWg/GGyae8cHa9nl4eExBGTONpi+r+BITD735NZLm2FREVHvFisc7An7Ti9jLbU
lurAycbCQ5BXeR+V+b5UgxBVK5AOLa69nwAxL7eoESyZ+Lnzq4fuMNUnFd2vmEth
iI1QBknRG3qiiY3vnucpCgTI+Dy7VILR0ceREbgb
=Jimz
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list