hashed user IDs [was: Re: Security of the gpg private keyring?]

Hauke Laging mailinglisten at hauke-laging.de
Wed Mar 9 14:46:53 CET 2011


Am Mittwoch 09 März 2011 14:11:16 schrieb Ben McGinnes:

This discussion has been there before (initiated once by me).

> This would allow someone to use a single key for multiple identities
> or pseudonyms, without the information about those identities being
> learned by different groups.  Well, probably not.

There are several advantages:

1) You don't reveal the social connections by signing keys. If you want to 
validate a key by its signatures and see a signature of an unknown key then 
there is (IMHO) no reason why you should know who has certified this key. This 
information can easily be abused. The perfect web of trust would be the 
perfect source of information which should be considered private (who knows 
whom). This problem is hardly reduced by the fact that there are signatures 
(from key signing parties) from people without real social or commercial 
contact.


2) For people in countries where authorities' rights and actions are not as 
easily ruled unconstitutional like in Germany (or not at all) it is useful if 
not only the content of their communication is hidden but also the identity of 
the communication partners (even of those in free countries). This is, of 
course, more complex than hashing a key ID, thus I am not sure how important 
this feature would be (as you have to hide the partner's email address or the 
connection to the identity and these email addresses have both to be kept 
secret (because you can easily hash all "publicly available" addresses) and to 
be complex enough not to be guessed; this may result in greatnesses like 
sqq8ctpmbf81yucw8nzwbaod at hauke-laging.de).

In general it is useful for a web of trust to have long living keys. Email 
addresses are more easily changed than keys.


3) You prevent spammers from using keyservers as a source. Yes, I am aware 
that certain people on this list don't accept this as an argument (for 
different reasons). The most important point for this question is probably 
that the infrastructure has to be safe BEFORE it gets so big that it becomes 
interesting for spammers.


> Another reason why we all love Germany now.  ;)

According to a new study it has the best worldwide image of all relevant 
countries worldwide. However. :-)


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110309/b5a83156/attachment.pgp>


More information about the Gnupg-users mailing list