Why hashed User IDs is not the solution to User ID enumeration

Robert J. Hansen rjh at sixdemonbag.org
Sat Jan 28 06:14:49 CET 2012

On 1/27/2012 8:52 PM, John Clizbe wrote:
> Having keyservers support no-modify requires that they first support crypto.
> That's a really big step.

(John undoubtedly knows this, but I suspect a lot of people didn't catch
the implications -- so let me elaborate.)

SKS is a surprisingly lightweight thing: it requires very little in the
way of CPU usage, even when making large updates.  (My keyserver is
currently running with a load of 0.06.)

As soon as keyservers have to do bignum arithmetic on certificates,
you're going to see a lot higher CPU loads.  This doesn't mean "we
should never ever do it," but it does mean before doing such a thing
there would have to be broad consensus from the keyserver community to
do it.

It isn't just that no one's written the code: it's there's no community
consensus to deploy such code, even if it were written.  It would be a
pretty major flag day.  After all, if one keyserver enforces it and
others don't, then that's going to create a pretty obvious syncing problem.

It is, as he said, "a really big step."

More information about the Gnupg-users mailing list