Privacy concerns

David Shaw dshaw at
Thu Apr 18 05:54:00 CEST 2013

On Apr 17, 2013, at 11:12 PM, mirimir <mirimir at> wrote:

> On 04/17/2013 06:45 PM, NdK wrote:
>> Il 17/04/2013 18:22, Doug Barton ha scritto:
>>> It's very safe to assume that e-mail address harvesting from the key
>>> servers is not anything to worry about.
>> At least for now.
>> But spam is just one of the possible issues...
>> Anyway I can see that the easiest and more versatile solution is to have
>> different identities for different communities (one for work, one for
>> personal use, one for hacking communities, ...). Eventually all
>> cross-signed.
> Why would one cross-sign keys for identities used in different
> communities? That would link them, which seems counterproductive.

I think this could go either way, depending on the communities and identities (and people) involved.  For me, if I made a work key, I'd probably cross sign (or at least sign my work key using my personal key) as it would give a better path to the work key in the web of trust.  At the same time, though, if I made a key for a particular community where I wasn't directly known as "David Shaw", I'd probably not cross sign for the reason you imply - I wouldn't want the two identities linked.


More information about the Gnupg-users mailing list