STEED - Usable end-to-end encryption

Jerome Baum jerome at jeromebaum.com
Wed Oct 19 22:54:31 CEST 2011


On 2011-10-19 22:49, Peter Lebbing wrote:
> On 19/10/11 22:22, Jerome Baum wrote:
>>> It would be awesome if this could be achieved without revealing other
>>> email addresses or UIDs that might happen to map to the same
>>> key/certificate.
>>
>> Hash the UID many times. (Didn't someone propose that a while ago?)
> 
> By default the STEED system as proposed creates a new certificate for every
> e-mail address. So unless manually overridden, there is a one-to-one relation
> between e-mail addresses and certificates and no way to "enumerate all e-mail
> addresses".
> 
> Peter.
> 

Re-reading the original quote ("map to the same key/certificate") that's
right. I had assumed he was talking about the DHT correlating keys (so
just like you can tell in the BitTorrent DHT which other torrents some
IP is involved in by doing enough work, you might be able to tell which
other certificates that IP uploaded -- but all this is nonsense in the
original context, which I misread).

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA


