[openpgp] Unuploadable Keys

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jul 22 11:46:44 CEST 2015

On Tue 2015-07-21 23:36:45 +0200, vedaal at nym.hush.com wrote:
> There could be a workaround, where the key is uploaded to the keyservers,
> but functionally unusable except to individuals whom the key-creator wants to use it:
> [1] Encrypt part of the public key symmetrically, the same way that the private key is symmetrically encrypted.
> [2] Send the passphrase to whomever you want to send the public key, encrypted to their public key.
> [3] Upload the key to keyservers.  It will be usable only by those whom you choose to give the passphrase.
> (* Unless*  you misjudged someone to whom you sent the passphrase, and he turns maliciously on you, and uploads the decrypted form .... )
> If such a key-type were implemented, would it need a change in 4880, other than a notice to allow it?

if we were to have a cryptographically-validating keyserver, there's no
way that the certificate could be verified.

I'm not clear what the use case for this is. people who "want their
public key to be not-public" probably actually care more about:

 * avoiding publication of their User ID, and

 * avoiding publication of a persistent identifier that can link
   communications together

both of these things would probably fail if the key (even obscured) was
published to the public key servers.

I don't see how this proposal solves the identified concern (though it's
possible that i'm misunderstanding the identified concern).


More information about the Gnupg-users mailing list