hashed user IDs [was: Re: Security of the gpg private keyring?]
ben at adversary.org
Fri Mar 11 07:44:57 CET 2011
On 11/03/11 7:44 AM, Daniel Kahn Gillmor wrote:
> If you want to keep the fact that one keyholder has verified another
> keyholder's identity secret, you cannot solve that by obscuring the
> User IDs.
> The right way to solve that is with non-exportable OpenPGP
> certifications, which must be passed between users explicitly.
Ah, this is what I've been looking around for! For the sake of the
archives, how does one provide a non-exportable certification?
Obviously the export flag won't cut it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users