On 14/03/11 12:32 AM, MFPA wrote:
> On Sunday 13 March 2011 at 5:48:55 AM, in
> <mid:4d7c5ac7.70...@adversary.org>, Ben McGinnes wrote:
>
> I'm assuming a short descriptive paragraph in the gpg.man file plus
> some good info becoming available over time in various "start up
> guides" etc. by searching the web or mailing list archives or asking
> on mailing lists, as with other GnuPG features. It doesn't matter if
> people learn after the key is created because additional UIDs
> containing extra hashes can be added later.

Don't depend on the mailing lists; we're a very small subset of GPG
users. All relevant documentation will need to be included for those
users where connectivity to the Internet is sporadic at best.

>> As much as I find your idea interesting, I think I'd rather have
>> the ability to search on sections of a UID.
>
> Fair enough, but I believe a person's desire to withhold their own
> personal information outranks another person's desire to make use of
> that personal information.

That too is an understandable argument, especially when it comes to
searching the keyservers, but it is less easy to maintain in relation to
searches of a local keyring (as I discussed in my other message).

>> If your hashed UID were an optional feature that were not enabled
>> by default, I doubt I would object,
>
> I would like hashing to be offered for the name and then again for
> the email address, along with a one-liner that obscuring the
> information in the UIDs offered minimal protection as described in
> gpg.man and made it harder for other users to locate and use the
> key; if there's a default answer it should be "No". Maybe others
> would feel it should be only in expert mode, or perhaps enabled by a
> "hash-uid" option to the "gen-key" command.

I'd definitely say the default should be off, and enabling it only via
expert mode would probably be wise.

> The main disadvantage I see in hashing the information is slightly
> increased complexity in locating keys. That assumes the individual
> would otherwise have a key containing his information unhashed. For
> individuals whose UIDs would otherwise contain spurious or no
> information, locating their key should become easier.

That appears to be the case. Certainly for individuals like yourself I
can see the appeal.

> The search/research capability that you outlined would be reduced if
> significant numbers of keys with only hashed UIDs came about,

Yes. Although, to be honest, even if this feature were added, I don't
see it becoming very popular.

> if the organisations you are searching allow their people to use
> such UIDs.

That would require an OpenPGP policy being adopted, which is not exactly
common with most organisations.

> The impact on the WoT is unclear. One scenario is no change from the
> current situation, where an individual who chooses not to reveal
> their name and email address(es) in their UID has little chance of
> success in finding people willing to provide certifications.

I doubt there would be much change, although it does raise another
question: if you have a key that only has hashed UIDs of your real name
and email address(es), would you wish to prevent signatures of your key
from contacts who did not use the hashing function? If the concern is
preventing your personal information being revealed, and someone who
knows you but is less concerned about this is willing to sign your key,
would you attempt to stop them? After all, a relationship could be
determined by their identity, and if there were enough such signatures
from people you know in real life, it may be possible to determine your
identity that way. It seems that the only real strength the hashed UID
has is if it is adopted by every user, regardless of whether they want
it or not.

Anyway, the more we discuss this, the less likely it appears that it
will be added to either GnuPG or any of the commercial PGP products, let
alone the RFCs. Still, the advantage of GnuPG is that it is released
under the GPL (version 3, last time I checked), so there's nothing
stopping you from creating your own fork to add the feature. If it
became popular through practical example, then the chances of the
feature being incorporated in the main release would be vastly
increased.

Regards,
Ben
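The mechanics the thread is arguing about, as an added illustration that is not code from the thread, from MFPA or from GnuPG: a UID in which the name and/or e-mail address are replaced by SHA-256 digests, a keyring lookup that lets a contact who already knows the address locate the key, and the "minimal protection" caveat the thread itself raises. The `SHA256:<hex>` UID layout, the e-mail normalisation (trim and lower-case before hashing) and the sample keyring with placeholder fingerprints are all assumptions made for this example; the proposal on the list does not specify any of them.

```python
import hashlib
from typing import List, Optional, Tuple

# Hypothetical UID layout for the proposal discussed on the list:
#   "SHA256:<hex(name)> <SHA256:<hex(email)>>"  instead of  "Name <email>"
# Assumption: everyone normalises the same way (strip, lower-case the
# address) before hashing, otherwise digests from different clients will
# never match and lookup by a contact becomes impossible.


def _h(value: str) -> str:
    """SHA-256 hex digest of a UTF-8 string."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def normalise_email(email: str) -> str:
    return email.strip().lower()


def hashed_uid(name: Optional[str], email: Optional[str]) -> str:
    """Build a UID string in which the supplied fields are replaced by digests."""
    parts = []
    if name is not None:
        parts.append("SHA256:" + _h(name.strip()))
    if email is not None:
        parts.append("<SHA256:" + _h(normalise_email(email)) + ">")
    return " ".join(parts)


def parse_uid(uid: str) -> Tuple[Optional[str], Optional[str]]:
    """Return (name_hash, email_hash) from a UID; None for parts that are
    absent or not hashed (an ordinary 'Name <email>' UID yields (None, None))."""
    name_hash = email_hash = None
    for tok in uid.split():
        if tok.startswith("<SHA256:") and tok.endswith(">"):
            email_hash = tok[len("<SHA256:"):-1]
        elif tok.startswith("SHA256:"):
            name_hash = tok[len("SHA256:"):]
    return name_hash, email_hash


def find_keys_by_email(keyring: List[Tuple[str, str]], email: str) -> List[str]:
    """Locate keys whose UID carries the digest of this address.

    keyring is a list of (fingerprint, uid) pairs. Someone who already knows
    the address hashes it and compares, which is the usability argument in
    the thread: locating the key is no harder than with a plain UID."""
    want = _h(normalise_email(email))
    return [fpr for fpr, uid in keyring if parse_uid(uid)[1] == want]


def recover_email(uid: str, candidate_emails: List[str]) -> Optional[str]:
    """The caveat from the thread: an unsalted digest of a guessable address
    offers minimal protection, because the very lookup that lets a contact
    find the key also confirms any address on a candidate list. Returns the
    matching candidate, or None if none matches (or the UID is not hashed)."""
    _, email_hash = parse_uid(uid)
    if email_hash is None:
        return None
    for cand in candidate_emails:
        if _h(normalise_email(cand)) == email_hash:
            return cand
    return None


# Constructed sample keyring; the fingerprints are placeholders, not real keys.
SAMPLE_KEYRING = [
    ("0000000000000000000000000000000000000001",
     hashed_uid("Alice Example", "alice@example.org")),
    ("0000000000000000000000000000000000000002",
     hashed_uid(None, "bob@example.net")),          # e-mail only, no name
    ("0000000000000000000000000000000000000003",
     "Carol Example <carol@example.com>"),          # ordinary, unhashed UID
]

if __name__ == "__main__":
    print(SAMPLE_KEYRING[0][1])
    print(find_keys_by_email(SAMPLE_KEYRING, "Alice@Example.org"))
    print(recover_email(SAMPLE_KEYRING[1][1],
                        ["mallory@example.net", "bob@example.net"]))
```

The point the two lookup functions make together is that `find_keys_by_email` and `recover_email` are the same operation: whatever lets a legitimate contact find the key by hashing a known address also lets anyone with a list of plausible addresses confirm which one is behind the digest. Adding a per-key salt would close that gap, but only by also breaking the contact's lookup, which is why the thread concludes the scheme offers minimal protection rather than real anonymity.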
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users