hashed user IDs [was: Re: Security of the gpg private keyring?]

[Ben McGinnes]

On 10/03/11 11:03 AM, Hauke Laging wrote:
> Am Mittwoch 09 März 2011 14:39:35 schrieb Robert J. Hansen:
> 
> As we all know you love anecdotal evidence, here's mine: You are
> probably right but consider two points:
> 
> 1) Today there is no use in obeying the (2) rules. If such a feature
> is implemented then those who are interested in using it will
> consider creating new email addresses according to (2). Nonetheless
> the number of interested users may be small (but increasing with
> increasing public attention to privacy problems besides reading mail
> contents).

I'd agree with this.  There are enough increases in prying eyes from
governments and corporations for more and more people to consider such
obfuscation warranted or warranted under some circumstances.

>>  My suspicion is the number of users impacted by (3) is pretty large.
>
> I have never done that. I cannot iamagine why this should be
> important to anyone. You know which email address you are going to
> write to, don't you?  OpenPGP should not prevent new features
> because somebody abuses the infrastructure as a kind of address
> book.

I have.  Many, many times.  There's no point doing it for a free email
service provider's domain (e.g. gmail.com), but sometimes there are
advantages in checking for keys belonging to people at particular
organisations (e.g. government departments).  This is one of the
reasons why I'd prefer MFPA's suggestion, were it ever implemented, to
be optional rather than the default.

If that feature weren't available, I doubt I would've found this:

pub   1024D/B3F77236 2000-09-21
uid                  Stephen Smith <stephen.smith.mp at aph.gov.au>
sub   2048g/0E0EEE5F 2000-09-21

Stephen Smith was in Opposition when he made that key, but now he's
Minister of Defence.

> More important: Not everyone is going to do this. Those people who
> regard it important to protect their addresses and names really
> don't care about convenience (if the alternative is omitting the
> feature).

In the mean time, those who would be more likely to do this end up
creating pseudonymous accounts and separate keys for each case they
wish to deal with.

> It might make sense to print a warning if a user activates this
> hashing feature for a UID with an email address which is obviously
> not brute force safe.

Good idea.

> And in contrast to Werner I do believe that signatures are going to
> kill the spam problem one day. :-)

Ah, but will that be in our lifetimes?

I don't know how much effect that will really have on spam, but I can
see signatures helping to prevent things like this:

https://secure.wikimedia.org/wikipedia/en/wiki/Utegate

Following the revelation that the email at the centre of the scandal
had been faked by Godwin Grech, I did email my MP suggesting they
start using OpenPGP signatures.  Apparently the DSD had cleared
OpenPGP compliant software for use by government departments years
ago, but it was up to each department to decide whether or not to use
them.  Presumably Treasury and the Department of the Prime Minister
and Cabinet chose not to.


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110310/7d0de6f9/attachment.pgp>