hashed user IDs [was: Re: Security of the gpg private keyring?]

Hauke Laging mailinglisten at hauke-laging.de
Thu Mar 10 21:09:58 CET 2011

Am Donnerstag 10 März 2011 14:34:13 schrieb Robert J. Hansen:
> On 3/10/2011 5:23 AM, Hauke Laging wrote:
> > ]Those people who just want to protect their
> > social connections by signing other keys without revealing their identity
> > to those who don't know it already have no need to cover their target
> > addresses because the marketing people and "just curious" normal ones are
> > not capable of reading their email traffic. So there already is a use
> > case.

> Certifications come in two basic varieties: public and private.  A
> public certification is intended as an announcement to the world: "Hey,
> world!  I am [name] and I vouch for this certificate!"

That's the technical situation today. But it is no use to announce that to the 
whole world. It is required only for those people who use your signature in a 
validation chain. Everyone else does not need (and probably not use) the 
signature so there is no benefit for exposing the connection (though unclear) 
between the key owner and the certifier.

> If people want to make public pronouncements of social relationship, why
> in the world would you want to deploy a technology that makes it
> difficult to discover this social relationship?

I want to deploy this technology because

a) this is in my strong opinion not what people WANT (it's just what they DO 
because there is neither much awareness for the problem nor a usable 

b) nobody who really wants to inform the whole world is in any way affected in 
doing that.

> This doesn't make any sense to me.  Quite possibly I have completely
> misunderstood what you're arguing.

May be a language problem, sorry. I'll try with an example:

You have validated my key (among others) and I (among others) have validated 
Ben's. Now you want to validate Ben's key indirectly. Ben's key has ten 
signatures, the one by my key is the only one usable for you. The next person 
who tries to validate find another signature useful. It's perfectly OK for me 
that you can see that I have signed Ben's key but why should others know that? 
Why should you be able to find out who are the other ones who have made 
signatures for Ben's key?

I would make a local signature if I would not want to let anyone know that I 
have verified the key. But in that case you could not verify Ben's key what I 
am willing to enable. The motto is: Don't reveal more than necessary. You have 
to reveal something in order to make the whole thing work but you don't have 
to reveal all.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110310/df3a0e73/attachment.pgp>

More information about the Gnupg-users mailing list