hashed user IDs [was: Re: Security of the gpg private keyring?]

MFPA expires2011 at ymail.com
Sat Mar 5 23:11:27 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Thursday 3 March 2011 at 8:32:00 AM, in
<mid:4D6F5200.5020405 at xs4all.nl>, Johan Wevers wrote:


> Op 2-3-2011 21:14, Daniel Kahn Gillmor schreef:

>> You'd still need to do the work of changing, say, MUAs
>> to re-think their key-selection criteria to include
>> keys without e-mail addresses (maybe just based on the
>> human-readable part of the To: header?)

> That can be done much easier: upload a version without
> the email address to the keyservers, and store locally
> a version with your (current) email. Then don't sync
> that with the keyservers of course.

I do that already. But what about anybody else whose MUA requires an
email address in the key UID to locate my key?


- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

No man ever listened himself out of a job
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNcrUUnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pk9UEALzv
z2PBP2uLAd2ZPky6REU2Lcj6d5D3EpKZR+Dsqxa2rEO32RhUGvl2kczfWVs8rHWE
F5l8OzVkoKrZfeVP+ud6ayH7hlQmGA1Zvpds5h9T/+kMCXfriJGDBkelwojwxJ5z
tPlRLJJgJdDBOZg+RMwV42bW197QH6LyDpA0NDYg
=c3uY
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list