Why hashed User IDs is not the solution to User ID enumeration

[Robert J. Hansen]

On 1/28/2012 2:24 AM, John Clizbe wrote:
> I don't see a way that a rolling-upgrade to a no-modify supporting version could
> be accomplished without breaking things in the process. The only way I can
> envision doing this to to form a completely new network and let servers migrate
> into it as they upgrade to the no-modify supporting version.  In a way, that's
> also undesirable as it divides the widely distributed network in two.

There's also a human factors element, which we're currently handwaving.
 If I have a copy of 0xDECAFBAD's certificate that has five UIDs, all of
which have trusted signatures on them, and a second copy that has seven
UIDs, five of which I consider valid due to having trusted signatures on
them, well -- which of the two is canonical?

The OpenPGP answer is "neither: validity and trust are not the same as
canonicity."

However, human beings tend to get rather obsessed with canonicity.  Look
at the kerfuffle over our President's birth certificate record.  The
original one is on file somewhere in a Hawai'i government office: a
differently-formatted copy of the birth certificate was given to the
press.  Both documents are equally valid.  Neither document is
canonical.  The U.S. public had a hard time wrestling with that: a whole
lot of people sincerely believed the presence of two equally-valid but
differently-formatted birth certificate records meant something was hinky.

Now imagine explaining to new OpenPGP users that "yes, sometimes you'll
get a copy that has 5 UIDs and sometimes you'll get one that has 7,
depending on which keyserver you query, but both of them are equally
valid."  Same thing.

And before anyone says, "well, yeah, but the huge deal about the
President's birth certificate was the product of a whole lot of
political paranoia by whackjobs," I will point out that one thing our
community has *never* lacked for is paranoid whackjobs.