Implications of a common private keys directory in 2.1
andrewg at andrewg.com
Wed Nov 23 19:51:25 CET 2016
On 23/11/16 17:54, Carola Grunwald wrote:
> Andrew Gallagher <andrewg at andrewg.com> wrote:
>> If you are worried about an attacker on the wire doing statistical
>> analysis of your message sizes and patterns of use, you will
>> probably have to go the whole hog and transport over Tor. And even
>> that is no panacea.
> Not real-time Tor but remailers providing latency. You got it.
Aha, this is the subtlety I was missing. Yes, this sounds like an
I still don't understand what you gain from per-user keys though.
>> And if we are only encrypting the content of the mail, then it
>> provides less security than TLS, which encrypts everything from
>> the handshake onwards.
> I'm talking about Whole Message Encryption including the complete
> header section.
But the SMTP envelope contains plaintext addressing info. TLS protects
this on the wire, while PGP encryption of the message (even the
headers) does not.
>> How does this provide the user with any more assurance than DKIM
> DKIM doesn't hide the sender's identity from external adversaries
> who try to analyse message flow.
That wasn't my question. I was asking what advantage a per-user
signature gives you compared to a server signature over a custom header.
> - In a TLS session the communication partners' IP addresses are
> public, moreover the sender domain is published by the receiving MTA
> by retrieving its public key from the DNS in order to verify the
> DKIM signature. OTOH with my kind of Whole Message Encryption
> combined with an asynchronous message transfer providing latency
> e.g. through remailers adversaries have no chance at all to link
> sender with recipient(s).
But if you have a per-user signature on the message content, surely the
sender can still be deduced? At least on the last hop...
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users