On 13/03/11 6:37 AM, MFPA wrote: > > Whatever you do with user IDs is optional, since they are just a > free-text field. And of course a user wanting to make their key > match more searches could include extra UIDs with additional > hashes. For example John Smith <john.smith...@example.com> could > include hashes of example.com and of john.smith. In any event, > including the information in hashed form should make the key more > likely to be found than if the info were not there at all.
I think you're assuming a level of innate understanding of what can be done with every part of a UID by every user when they create a key. This is most definitely not the case. > If there was a point there other than curiosity value, it went way > over my head. (-: That was an example. The point was being able to determine, to some extent, the degree of OpenPGP use in Australian politics and the civil service. In the case of that minister, I knew the rest of his party used it because I know they were using a corporate version of PGP in 2000 or 2001. The two major parties over here have always had some interesting interactions online (ever since a scandal involving a staffer of one providing information to "hack" the website of the other in 1998). Currently I can run "gpg --search-keys aph.gov.au" and get the keys for everyone who has one in Parliament House (most of them are civil servants, only two or three are politicians). With hashed UIDs, unless the person generating the hash specifies additional hashes to be included then that will cease to work. As much as I find your idea interesting, I think I'd rather have the ability to search on sections of a UID. If I ever want to be contacted in a way that is separate from my name, then I'll just go to the effort of creating a new key with a pseudonym and relevant mail drop. If your hashed UID were an optional feature that were not enabled by default, I doubt I would object, but I think the current use of UIDs has value that I would not want to see superceded by the hashed version. Regards, Ben
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users