[OT] Why are you using the GPG / PGP keys?

Fritz Wuehler fritz at spamexpire-201305.rodent.frell.theremailer.net
Fri May 24 05:59:54 CEST 2013


Zece Anonimescu <zece at riseup.net> wrote:

> 
> I'm redescovering encryption from another point of view, the one of
> the single user. As long as I do care about the data and I'm the sole
> user I can employ whatever code I deem useful to make my data
> unreadable for a third party, as long as the data does not leave my
> computer. Now I'm the weakest link and I have no one to blame. Which
> is good. And along the way I picked the anonymity concept. While in
> the real life that used to be a given, same online there was no such
> thing. And I discover there can be anonymity online. And that best
> code breakers use rubber hose cryptography. So plausible deniability
> is something for a divorce trial.
> 
> That leads to the idea that having the cryptographic keys and
> signature of one Emmanuel Goldstein instantly makes you Emmanuel
> Goldstein beyond the proof of any photo ID telling another story.

No.  keys can be and are stolen.

> 
> So may I ask you why are you using the GPG keys?

Your anonymity, through whichever tool you are using, depends on
cryptographic signatures.  For instance, you seem to be posting from
riseup.net to protect your identity.  *Seem to be.*  But you only know
you are even
connecting to their server via their RSA sigs via their SSL certificate.

And how to verify that?  and so on...

So on some level PGP/GPG or some variation becomes important also for
"anonymity."  Tor, for instance, depends completely on crypto signatures
to function.




More information about the Gnupg-users mailing list