On future of GnuPG

ಚಿರಾಗ್ ನಟರಾಜ್ mailinglist at chiraag.me
Wed Jan 6 00:34:50 CET 2021

12021/00/04 08:01.47 ನಲ್ಲಿ, markus.rosco at neverbox.com ಬರೆದರು:
> On 2021-01-05 Stefan Claas via Gnupg-users - gnupg-users at gnupg.org wrote:
> > ...     but why are then SKS key servers
> > still in operation, which allows third parties to look up who signed
> > who's key and with what trust level and GnuPG's WoT support, compared
> > to sq and Hagrid?
> The landscape has changed dramatically from the times when the
> original PGP fundamentals were introduced. Today, for any secure
> personal communication system to be of practical use, it must
> be designed from the ground up observing the following simple
> principle: *anonymity is the necessary condition of privacy*.

That depends heavily on your threat model, though. For many people, the goal isn't to keep their identity safe from the people they're talking with. Rather, the goal is to keep the contents of their messages safe from _everyone else_ (including CIA, NSA, shitty governments, etc).

In many ways, security and anonymity are at odds, since if I can't easily verify that <x> is the person they claim to be, I have no way of knowing if I'm telling them stuff they shouldn't know. While there are ways to ensure confidentiality and integrity of the *communication channel* while preserving anonymity, there isn't really a way of ensuring the integrity of the *conversation* while preserving anonymity. Pretty much any way of properly resolving this dilemma requires de-anonymizing both participants, and then we're right back where we started.

If, instead, we acknowledge that most use cases require integrity of the communication channel *and* the conversation, then we can use common identifiers (like phone numbers) or (mostly) verifiable identities (like GPG keys hosted on WKD) to ensure the integrity of the conversation (I say mostly verifiable because there's always a chance the domain is compromised and the keys are replaced). Once anonymity isn't really as much of a concern, we get things like Signal, which is decidedly *not* anonymous (with the exception of using VOIP numbers to sign up) but is most assuredly private (they don't know what you're saying and neither does anyone else, apart from the people you're messaging).


ಚಿರಾಗ್ ನಟರಾಜ್
Pronouns: he/him/his
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - mailinglist at chiraag.me - b0c8d720.asc
Type: application/pgp-keys
Size: 659 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210105/dcc6a8b9/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 233 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210105/dcc6a8b9/attachment.sig>

More information about the Gnupg-users mailing list