On 9/03/11 5:52 PM, Bernhard Kleine wrote:
Hi everybody,
I am using ubuntu 10.10, gpg and evolution. And I am reading this
mailing list for quite some time. Lately to read this list is a pain
since many keys are no longer found on the key server(s) I have entered
into the keyserver list and
MFPA schreef:
Something that would not be necessary if the
underlying openPGP implementations could handle hashed
user IDs.
Isn't it much easier to use the key ID / signature for
that? You already have that.
I don't understand.
Use the keyID / signature as the hashed user ID, since it
On 9/03/11 2:44 AM, Johan Wevers wrote:
MFPA schreef:
Something that would not be necessary if the
underlying openPGP implementations could handle hashed
user IDs.
Isn't it much easier to use the key ID / signature for
that? You already have that.
I don't understand.
Use the keyID /
On 3/9/2011 8:11 AM, Ben McGinnes wrote:
Personally, I think it's an interesting idea and I can see the value
in it, but I'm not sure there are enough people really pushing for it
(yet). With things like the data retention legislation being pushed
in Europe, Australia and other countries,
On 3/9/2011 8:11 AM, Ben McGinnes wrote:
* Anyone trawling through keys on a public server or downloading
random keys cannot see who owns that key or what their email address
is, but anyone who knows Joe or his email address can search the
keyservers for that data because the hash can be
Am Mittwoch 09 März 2011 14:11:16 schrieb Ben McGinnes:
This discussion has been there before (initiated once by me).
This would allow someone to use a single key for multiple identities
or pseudonyms, without the information about those identities being
learned by different groups. Well,
On Mar 9, 2011, at 3:12 AM, Ben McGinnes wrote:
On 9/03/11 5:52 PM, Bernhard Kleine wrote:
Hi everybody,
I am using ubuntu 10.10, gpg and evolution. And I am reading this
mailing list for quite some time. Lately to read this list is a pain
since many keys are no longer found on the key
Am Donnerstag, den 10.03.2011, 00:54 +1100 schrieb Ben McGinnes:
On 10/03/11 12:18 AM, Bernhard Kleine wrote:
well, I took a mail from Grant Olson from this list:
gpg: ASCII-Hülle: Version: GnuPG v2.0.18-gitcb2f55e (GNU/Linux)
gpg: ASCII-Hülle: Comment: Using GnuPG with Mozilla -
On 10/03/11 3:31 AM, Bernhard Kleine wrote:
Some strange things have happened:
first: on the interactive sks-keyservers.net page I looked up the
key A18A54D6 and it did not show any result. Afterwards I typed
olson grant and got several keys listed but not the one we have been
looking
Am Mittwoch 09 März 2011 14:39:35 schrieb Robert J. Hansen:
2. To really gain benefit from this scheme, you must:
(a) have a non-trivially-brute-forceable email address
(b) want to be able to hide your email address
3. Deploying this scheme means:
(a) people
On Wed, Mar 9, 2011 at 8:11 AM, Ben McGinnes b...@adversary.org wrote:
On 9/03/11 2:44 AM, Johan Wevers wrote:
MFPA schreef:
Something that would not be necessary if the
underlying openPGP implementations could handle hashed
user IDs.
Isn't it much easier to use the key ID / signature for
On 10/03/11 12:24 AM, Robert J. Hansen wrote:
It seems like this is really close to asking for private stream
searching, which would be the next logical step -- some way for the
client to query the database for a record in such a way there is no
way for the database to know what was queried.
On 10/03/11 12:39 AM, Robert J. Hansen wrote:
4. My suspicion is the number of users covered by (2) is pretty
small.
Very probably, at least at the moment (for the reasons Hauke
mentioned).
My suspicion is the number of users impacted by (3) is pretty large.
Almost certainly.
My
On 10/03/11 11:03 AM, Hauke Laging wrote:
Am Mittwoch 09 März 2011 14:39:35 schrieb Robert J. Hansen:
As we all know you love anecdotal evidence, here's mine: You are
probably right but consider two points:
1) Today there is no use in obeying the (2) rules. If such a feature
is
On 10/03/11 12:12 PM, Jeffrey Walton wrote:
Imagine you are Tunisian or Libyan or some other nationality where
disagreeing with the regime might get you killed. Would you want
your name and email associated with another's keyring? Or would you
prefer anonymity?
Another perfectly good reason
On 3/9/2011 10:01 PM, Ben McGinnes wrote:
Imagine you are Tunisian or Libyan or some other nationality where
disagreeing with the regime might get you killed. Would you want
your name and email associated with another's keyring? Or would you
prefer anonymity?
Another perfectly good reason
On 10/03/11 2:10 PM, Robert J. Hansen wrote:
I think it should also be noted that if I was serious about trying to
overthrow a government, I'd create a bare certificate without a name or
an email address on it. I'd also use it as infrequently as possible and
try to avoid any technology more
On 3/9/2011 10:42 PM, Ben McGinnes wrote:
Which brings us back to creating a pseudonym, using Tor (or other
anonymising services), getting a disposable mail drop (or using
alt.anonymous.messages) and going from there. At the bare minimum.
Which brings us back to the elephant in the middle of
Some people think they're going to take over the People's Republic of
Berkeley in a military coup
Idiom note for non-Americans: the University of California at Berkeley
is often called, tongue-in-cheek, the People's Republic of Berkeley.
This is a (hopefully humorous) reference to having a
On 10/03/11 4:20 PM, Robert J. Hansen wrote:
Some people think they're going to take over the People's Republic of
Berkeley in a military coup
Idiom note for non-Americans: the University of California at Berkeley
is often called, tongue-in-cheek, the People's Republic of Berkeley.
This is
On 10/03/11 4:17 PM, Robert J. Hansen wrote:
On 3/9/2011 10:42 PM, Ben McGinnes wrote:
Which brings us back to creating a pseudonym, using Tor (or other
anonymising services), getting a disposable mail drop (or using
alt.anonymous.messages) and going from there. At the bare minimum.
Which
21 matches
Mail list logo
