Re: Multiple Subkey Pairs

[Michael Anders]

> So far there's no credible reporting that any government is doing mass
> surveillance of email content. Instead, mass surveillance focuses on
> metadata: who's talking to whom, when, with what for a subject line,
> routed through which mail servers, and so on.

 

The NSA e.g. denies to archive content of us-american citizens mails. It is thus perfectly reasonable to assume it does so with all other ones. They can easily do it, thus they do it. I am german, so I am free game for them anyways.

Besides, you believe their denials - are you kidding?

 

> GnuPG does not and
> cannot protect against that.

 

This is as regrettable as it is true.

Worse still, it is much more cumbersome to protect your "metadata" than to protect content with e.g. GnuPG. You could achieve it easiest with temporary anonymous e-mail accounts.

A public key infrastructure is difficult to reconcile with anonymity.

>
> If your concern is mass surveillance -- which is to say, metadata --

 

sorry again, if we are speaking about the US, only metadata if recipient and sender are us citizens and if we believe what the agency says.

Regarding the the security of the content, I share the view that lighting a firework of a dynamic subkey structure is not going to help. IMHO one properly kept key is enough and its security should last for decades. After all the "all or nothing" principle is at the core of cryptography in many contexts. There is no such thing as attrition of security by heavy usage of a public RSA or ECC key.

 

When it comes to system compromise leading to broken security. This is not kind of an aging process smoothly proceeding with time and eventually leading to death. They target you or they don't.

 

cheers

   Michael Anders

(http://www.fh-wedel.de/~an/crypto/Academic_signature_eng.html)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users