Hello MFPA, Tuesday, July 8, 2014, 3:27:49 PM, you wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > Hi > On Monday 7 July 2014 at 10:49:23 PM, in > <mid:[email protected]>, eMyListsDDg wrote: >> i have mulitple email accounts and in the past had >> generated a key/pair for each, each with its own unique >> passphrase. i'm rethinking that approach. >> curious how other uses in this situation manage their >> gnupg? > I use multiple email addresses and frequently change some of them. I > have included no "real" name or valid email address in my key's > user-id: the way I use email addresses would otherwise require > multiple keys and/or an accumulation of redundant UIDs (if the keys > were on keyservers - otherwise I could just delete the redundant > UIDs). > Also, I happen to believe that:- > (1) knowing an email address or a (sufficiently unique) name should > enable somebody to find a key to use for encryption. > (2) access to a public key should not of itself compromise the > privacy of the key "owner" by leaking additional personal data > about said "owner." > My current solution achieves (2) nut not (1). > There are two down sides to this approach. Firstly, the lack of email > address makes it harder for other people to use my key. Secondly, if I > wanted to participate in the web of trust, the lack of "real" name > would make it difficult. good points. thanks for the insight. i see some tweaks i'll incorporate. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
