On Sep 8, 2010, at 6:02 PM, Peter Pramberger wrote:

>
> ...some random MPI's *with his/her/whatever name linked to them*...
>

In case it wasn't clear from the nerdy details in the "anonymous self-revocation" http://tools.ietf.org/html/rfc4880 section 5.11 User ID Packet (Tag 13) (and some other obscure places like where PhotoID's are stashed, and with certification signatures that confirm that Tag 13 is associated with the pubkey/subkey) are all that ties the user identification to the key materiel.

Rip out everything but the pubkey/subkey, salt with revocations, and the pubkey/subkey becomes anonymous on the server with no personal data attached, or that can be indexed/used for retrieval.

What I cannot say is what happens down the road if the convention to anonymize pubkeys as above, which remain on keyservers, and will be distributed into keyrings (w revocation attached), and will be used by not only gnupg, but other implementations.

And there's also the precedent of adding the methods to anonymize keys on pubkey servers that would have to be lived with. That too needs some thought.

73 de Jeff