On Fri, Jun 24, 2011 at 05:43:17PM -0400, [email protected] wrote: > On 06/24/2011 05:25 PM, Erik Harmon wrote: > > Color coding keys is good, but even the presence of a particular public > > key on one's keyring could be incriminating or suspicious. Even if the > > same person wants to do secret and casual communication, it's probably a > > good idea to more strongly segregate those identities. > > If having a certain keyID on your phone is too dangerous, than this > phone app is probably not the right way to exchange information. > However, nothing says that you have to have the actual key on your phone > to have a keyid stored as one of your identities. > > People could even intentionally carry the key fingerprints of > politically unpopular activists in their phone app's list of identities > so that the actual activist is not the only one with that identity on > his/her phone. Depending on the circumstances, that would fall somewhere > between running a Tor exit node and standing up to yell "I am Spartacus".
I was wondering if this problem couldn't be resolved in this way : let say the phone has its own dedicated GnuPG key (might be an interesting idea anyway). QR code might just be images stored on the phone, not generated each time from a key store in its keyring. Then this QR images could be stored encrypted on the phone. The verification would just be a matter of decrypting the right image and print on the screen. It doesn't really solve the problem, as it just hides the information behind a GnuPG encryption, and thus a passphrase (but maybe passphrases are too hard to type on a phone?) that attackers could retrieve with enough wrench hits. It also puts a lot of trust on the phone device itself, which I'm not sure is a good idea. Still even without encryption, having just a QR code image, and not the key itself stored on the phone might be enough to be able to deny being the owner of this identity. OTOH it would at least be a proof that you did at some point meet the concerned person. Cause as it was said, you could share it on several friends phones, even if this question might not be that easy. bert. _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
