hashed user IDs [was: Re: Security of the gpg private keyring?]

Robert J. Hansen rjh at sixdemonbag.org
Thu Mar 10 14:18:36 CET 2011


On 3/10/2011 4:57 AM, Hauke Laging wrote:
> A little practical advantage: If gpg had such a feature then the 
> documentation may mention everything that is needed additionally 
> (depending on the targetet opponent: spammers, facebook-alikes, 
> secret police) or useful.

Someone would have to be crazy to write this.  The product liability
lawsuits alone would be daunting.  Remember that a jury trial is often
not so much about the law as it is about blame: if something bad happens
the jury wants to be able to point at someone and say, "that person is
responsible."

If I were to write this, it wouldn't matter how big of a disclaimer I
put on the cover page: I would live in fear of someone hauling me into
court to say, "Ladies and gentlemen of the jury, I followed his
instructions and I got to spend six weeks discovering what my own liver
tasted like.  I blame him for the fact I was captured and tortured by
the secret police."

This also doesn't get into the problem of there being so astonishingly
few people on the list -- quite possibly *zero* people on the list --
who are competent to write such a thing.  A good rule of thumb in crypto
is to never trust ciphers designed by people who haven't first earned
their bones by breaking them.  The same applies to countersurveillance
and tradecraft: don't take advice from people who haven't first proven
their abilities at finding people who really, really don't want to be found.



More information about the Gnupg-users mailing list