-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Sunday 13 March 2011 at 7:58:36 AM, in <mid:4d7c792c.2000...@adversary.org>, Ben McGinnes wrote: > So, my question, how would you enable a user to display > those keys with known names or identities without > searching for a specific key belonging to a particular > person? My understanding is that the new keybox format for storing keys will allow storing of metadata such as when the key was last refreshed/updated/matched a search, usage statistics, and local notes which might include the known names and/or email addresses. > It could be done with a local db or address book which > maps previous key searches to the hashes and keys they > match, but this seems to be an additional level of > complexity just to achieve a current feature Don't forget the additional feature of being able to publish a key that, by direct examination, will not reveal your name(s) and/or email address(es) but can still be located by a user who already has that information about you. There is a balance to be achieved. A user taking advantage of the new feature have to accept the key would be less efficiently searched and located than one which announced all their details in flashing lights; a user encountering that key can at least locate it from the name or email address, unlike if the key owner had used spurious or no information in the UIDs. > and could > also be used to circumvent the entire idea if performed > on a large enough scale. Yes, different people you communicate with using different names/email addresses could share information. If this were uploaded to a database that became widely used instead of keyservers it would circumvent the whole idea... - -- Best regards MFPA mailto:expires2...@ymail.com My mind works like lightning... one brilliant flash and it's gone -----BEGIN PGP SIGNATURE----- iQE7BAEBCgClBQJNfNDLnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pUosD/19j MG6l6l1aaS9Ou/g8alGi3zwLUZbnpqcp5PDhUGn2F4CW5JB06TK29FDxrh+Ij/9B 39rOb4nd3d84/cIa/SMcyvgOqJB9GAjORCIE/JuQbp8+JplkGQQ+y5/8GZ60jWqq AVh22ZiJzIjh9jV2MEIU3jiSJMR1dii74TmCHVqf =x//r -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users