key question
Paul Richard Ramer
free10pro at gmail.com
Fri Mar 19 07:54:06 CET 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sat, 13 Mar 2010 20:05:21 +0000 MFPA wrote:
>> I can't speak for other people, but I can for me. Take
>> > a look at the UIDs on my key, which is
>> > 0xC7C66ADF3DB6D884. And also, take a look at my master
>> > key 0x2188A92DF05045C2 that I signed the other key
>> > with.
>
>> > Each of those e-mail addresses on my keys are ones that
>> > were already associated with my real name. I had given
>> > each of those addresses to family, friends, associates,
>> > businesses, or a combination of them. Not one of those
>> > accounts had given me any anonymity, and each had been
>> > shared outside of people I knew personally.
>
>> > By uploading a key with those addresses on it, does
>> > that mean I gave up privacy that I already had? No.
>
> It looks to me as if the answer is "yes." Unless each person who had
> one of your email addresses already knew the other addresses before
> seeing them on your key, they now have extra information about you.
> And the addresses have jumped from "shared outside of people [you]
> knew personally" to published in a universally-accessible location.
> However minor/negligible or unimportant you may consider it, that's a
> reduction in privacy.
You are, of course, assuming all of my contacts know what PGP is, how to
use a keyserver, and have fetched and examined my key. Although I have
potentially disclosed my e-mail addresses to the whole world, my actual
disclosure has been less than had I posted those e-mail addresses to a
web page or handed a copy of my key UIDs to whomever.
But you know what? I don't care. I created those UIDs with the belief
that if I shared them with one person, I shared them with the world. I
intentionally made that information public, which is different from
accidental disclosure.
Also the use of a keyserver in my case was good, because I don't have
any means of distributing my key electronically other than by e-mailing
my key to every person that may request it. So a keyserver fits the way
I want to work.
- -Paul
- --
Privacy is good. Use PGP.
+---------------------------------------------------------------------+
| PGP Key ID: 0x3DB6D884 |
| PGP Fingerprint: EBA7 88B3 6D98 2D4A E045 A9F7 C7C6 6ADF 3DB6 D884 |
+---------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQGcBAEBCAAGBQJLox97AAoJEJhBiuhgbQLIgEAL/1hXd6DAMcX+goDdipUMt1Yd
5dqnSKbGsC0Rp9Ewa2aZTPzfb4AyAdhjugp+2oX17+47Ijz8CgRP5iCSzEwhW6gl
JqKWrKL13f88vN97iauBI/TYiUoEBpMFvreYlu0X8g7qGK9WN1ul4SfFUNaBbXJt
/OXfACs7PbSUSN8XvqprOHV+p9uAFNpLIjIYpKZpt4GzhjIF7ifg7fBSw8VdXXBI
qahG0c6OqFBU10kJgZlHOM+ZSoqlS9B3M3DR54DLmgwNOhzFkOu5lgOpURY9FrZP
4XYt5hasn/FapiUh5qk8A0QRSLrXUyM7jgntK6KwIFHmurss+eyZRfxBnzveVVbR
M2WM9k+AyQnpWwjpxeAR2qQAAjljBDj5TuAEYwlXw6dBb/eQAUcr3SmEdSUDx9BV
Q2x37xMN5191xEYqVjNT5FtQko2wGCFSA4qWRbvi+DXV0KVGbTW1N2FBXLtQS1Gc
QtndM+4MIf9UkLMnUYJriDnQmgOPiQmJAJzi8gnhuQ==
=hLHd
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list