Creating a key bearing no user ID

MFPA expires2012 at rocketmail.com
Tue Jan 24 00:23:10 CET 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Monday 23 January 2012 at 3:04:45 PM, in
<mid:f2b603966ef5c716f1e545f9c9058081@>, Holger wrote:


> Please simply accept that it's an issue for me as well
> as many others. Harvesting is supereasy: full keydumps
> are readily available.

It sounds like you value the flavour of privacy that could be afforded
by a scheme involving the use of hashes in UIDs to protect names and
email addresses. Such a scheme would (for example) allow somebody with
one of your email addresses to locate your key, but would not allow
somebody to devine your names or email addresses by inspecting your
key. An extension would be required to allow GnuPG to locate keys
using both the hash and the plaintext string simultaneously.

Suggestions like this tend to get lambasted because they do not
enhance security, and privacy appears to be seen as unimportant.


- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Live your life as though every day it was your last.
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTx3r5aipC46tDG5pAQpDIgQArkukbT5Jgj+eCVudxfuUfOrDDcyI7Dh1
ACn2HFlPDoVXd27AlK7uilmPB/aQEQQqWtK5SJNDe2F5fq06s9Y2Nq4oXR3yEfF5
DpPrFFxC533Sa9mVTpL2xgj/nIezLWvoPrrC3aUCBC1X9qhpY2lYI89MQ9VRZ1wg
FBMZ58+QI8I=
=Kv7v
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list