keys require a user-id

Stefan Claas sac at
Mon May 18 14:05:41 CEST 2020

Andrew Gallagher wrote:
> On 18/05/2020 12:12, Stefan Claas wrote:
> > You can argue now that you can give a freeform UID the name rob or
> > rjh too, but this would maybe not so good, because your are
> > publicity known as rob or rjh, thus defeating the purpose a bit.
> If your threat model includes your endpoint device being compromised
> and leaking your contact list, then you should be implementing an
> extra layer of protection such as Tails and/or a hidden VeraCrypt
> volume. In the vast majority of scenarios, endpoint compromise is
> Game Over, and tinkering with obfuscation will not help you.

Agreed! It should be also mentioned, that if UID-less public keyblocks
end up more and more on keyservers it is harder for 3rd parties to
maintain a database, since as you know, everybody is still be able to
download complete keyserver dumps from SKS.

Thanks to Vincent this is no longer possible with Hagrid!


Signal (Desktop) +4915172173279

More information about the Gnupg-users mailing list