Creating a key bearing no user ID

Hubert Kario hka at
Mon Jan 23 17:34:46 CET 2012

On Monday 23 of January 2012 16:35:45 Holger wrote:
> 2012-01-23T03:09:55-05:00, Robert J. Hansen:
> > > Keyserver SPAM is a straw-man argument. Yes, it's possible for an
> > > address to be pulled from the key on a keyserver, in fact, I'm
> > > convinced harvesting probably takes place.
> >
> > As am I.  However, it should be pointed out that this is no reason to
> > avoid using the keyservers.
> >
> > One of the best ways to evaluate a defensive mechanism is whether it can
> > recover from a failure.  Consider securing your home.  A lock on the
> > front door is good, but once the thief is in past your front door the
> > lock is pointless.  It can't recover from a failure.
> I'm not a fan of comparisons at all, but I'd say my e-mail address feels
> more like my postal address, thus I tend to handle them similarly.
> But wouldn't you replace or enforce the lock on your front door once s.o.
> made it in? At least you would still keep locking it, wouldn't you?  ; )

And there's a very good reson why you shouldn't be a fan of such comparisions:
Unlike physical security, properly implemented cryptography is unbreakable at 
this time.

All key types in wide use are completely broken: tumbler locks, Gerdas, etc. 
they can be made useless with only a little bit of know-how and few simple 

The only known working attacks on cryptography use brute force: similar to 
going through the wall, when the doors with a lock are too big of an 

Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2346 bytes
Desc: not available
URL: </pipermail/attachments/20120123/9be2bb3e/attachment.bin>

More information about the Gnupg-users mailing list