2 Q's

Robert J. Hansen rjh at sixdemonbag.org
Wed Aug 17 20:15:31 CEST 2016


> Okay, I give up. What is "Parcimonie"?

<puts on asbestos longjohns>

A poorly-thought-out answer to a problem that doesn't exist.

Parcimonie is a key refreshing daemon.  (So far, cool!  It's a real
problem.  Solving this problem is cool.)  In order to defend against
completely hypothetical movie plot attacks, it insists on refreshing the
keys spread out over a long period of time and routing everything
through Tor.

The developers of Parcimonie claim that if you refresh your keyring all
at once, you're giving someone monitoring keyservers information about
your social graph and that could be useful in defeating your privacy.
That's true, but it's also missing the point.  There are literally
*thousands* of things people could hypothetically be doing to defeat
your privacy: should we have thousands of tools to defend against these
thousands of hypotheticals, or should we instead ask that we focus our
efforts on the very real risks we face?

Solving real problems is good.  "Solving" hypothetical ones, I'm not
fond of...



More information about the Gnupg-users mailing list