keys require a user-id
Stefan Claas
sac at 300baud.de
Mon May 18 14:05:41 CEST 2020
Andrew Gallagher wrote:
> On 18/05/2020 12:12, Stefan Claas wrote:
> > You can argue now that you can give a freeform UID the name rob or
> > rjh too, but this would maybe not so good, because your are
> > publicity known as rob or rjh, thus defeating the purpose a bit.
>
> If your threat model includes your endpoint device being compromised
> and leaking your contact list, then you should be implementing an
> extra layer of protection such as Tails and/or a hidden VeraCrypt
> volume. In the vast majority of scenarios, endpoint compromise is
> Game Over, and tinkering with obfuscation will not help you.
Agreed! It should be also mentioned, that if UID-less public keyblocks
end up more and more on keyservers it is harder for 3rd parties to
maintain a database, since as you know, everybody is still be able to
download complete keyserver dumps from SKS.
Thanks to Vincent this is no longer possible with Hagrid!
Regards
Stefan
--
Signal (Desktop) +4915172173279
https://keybase.io/stefan_claas
More information about the Gnupg-users
mailing list