Hide UID From Public Key Server By Poison Your Key?
Jason Lawrence
jason.lawrence at linuxmail.org
Mon Jan 15 06:43:20 CET 2018
Hi all,
For of all, I am sorry for using a temporary email
address.
Let's say, you have accidentally associated your
real name to the key under your online name and
upload it to public key server, which allows
anyone to connect your online identity to the
person in real life. Since you can never remove
anything from the public key server, You are
wondering if you can add something to it -- for
example, add another 100 of UIDs with other
people's real name and emails so people can not
find out which one is yours, and append another
100 of digital signature so people get tired
before figure out which one is from valid user.
Since it is easy to fake system time for PGP, you
can mix my real UID in middle of all these.
The problem is, how will the public key server
handle 2 keys with duplicated timestamp?
Just an idea, it might be more efficient if I just
commit online suicide (throw away my current
identity).
Best regret
Jason
More information about the Gnupg-users
mailing list