STEED - Usable end-to-end encryption

Peter Lebbing peter at digitalbrains.com
Wed Oct 19 22:49:20 CEST 2011


On 19/10/11 22:22, Jerome Baum wrote:
>> It would be awesome if this could be achieved without revealing other
>> email addresses or UIDs that might happen to map to the same
>> key/certificate.
> 
> Hash the UID many times. (Didn't someone propose that a while ago?)

By default the STEED system as proposed creates a new certificate for every
e-mail address. So unless manually overridden, there is a one-to-one relation
between e-mail addresses and certificates and no way to "enumerate all e-mail
addresses".

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt



More information about the Gnupg-users mailing list