On 2013-09-06 00:04:07 +0200 (+0200), Ilja Schmelzer wrote: [...] > The point is another: a 512 bit hash as a personal id is > something acceptable for average people and will not prevent them > from using it. These average people do not have to care that much > about such attacks. Those few who have to be afraid of more > dangerous attackers can as well learn their own id, or write it on > their business card. [...]
Right, so I guess we're talking about different sets of risk factors. In the global free software community the proliferation of OpenPGP is more for the benefit of authenticating signed announcements and software release artifacts, less about privacy and anonymity (though some of that does come into play when communicating embargoed security vulnerability information). -- { PGP( 48F9961143495829 ); FINGER( fu...@cthulhu.yuggoth.org ); WWW( http://fungi.yuggoth.org/ ); IRC( fu...@irc.yuggoth.org#ccl ); WHOIS( STANL3-ARIN ); MUD( kin...@katarsis.mudpy.org:6669 ); } _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography