Multiple Subkey Pairs
Michael Anders
micha137 at gmx.de
Mon Mar 17 08:45:25 CET 2014
I apologize for having triggered the emotionally agitated exchange in
this thread culminating in someone bringing up the German-Jew trauma.
I did not intend this and will try to make future points in a more
moderate language. I acknowledge the outburst of true emotion by the
person I responded to initially.
Unfortunately my initial contribution was held for moderation and
finally has been withheld for reasons unknown to me. All that was left
is a belated, empty response under my name in the last digest.
Since followers of this discussion cannot possibly understand the heated
responses without the trigger, I'll try it again. Hopefully this will
end the emotional part and will get the discussion back onto the
appropriate technical track.
This time I'll slightly redact my initial contribution so as to avoid it
being held by a moderator.
Here we go ->Quote:
************************************
> So far there's no credible reporting that any government is doing mass
> surveillance of email content. Instead, mass surveillance focuses on
> metadata: who's talking to whom, when, with what for a subject line,
> routed through which mail servers, and so on.
The YYY (->a famous three letter agency) e.g. denies to archive content
of YYY citizens mails. It is thus perfectly reasonable to assume it does
so with all other ones. They can easily do it, thus they do it. I am
german, so I am free game for them anyways.
Besides, you believe their denials - are you kidding?
> GnuPG does not and
> cannot protect against that.
This is as regrettable as it is true.
Worse still, it is much more cumbersome to protect your "metadata" than
to protect content with e.g. GnuPG. You could achieve it easiest with
YYYYY(->We all would know how to do this).
A public key infrastructure is difficult to reconcile with anonymity.
>
> If your concern is mass surveillance -- which is to say, metadata --
sorry again, if we are speaking about the YYY, only metadata if
recipient and sender are YYY citizens and if we believe what the agency
says.
Regarding the the security of the content, I share the view that
lighting a firework of a dynamic subkey structure is not going to help.
IMHO one properly kept key is enough and its security should last for
decades. After all the "all or nothing" principle is at the core of
cryptography in many contexts. There is no such thing as attrition of
security by heavy usage of a public RSA or ECC key.
When it comes to system compromise leading to broken security. This is
not kind of an aging process smoothly proceeding with time and
eventually leading to death. They target you or they don't.
cheers
Michael Anders
(a reference to my project page)
*******************************************
End of quote.
The reference to my crypto project homepage which also contains a
political statement, might also have been the problem. Those who are
interested and dont't feel offended by a positive reference to a
controversial person can find it via my homepage www.fh-wedel.de/~an/
following the link to Academic Signature.
Best regards,
Michael Anders
More information about the Gnupg-users
mailing list