William Geiger <whgiii(_at_)invweb(_dot_)net> writes:
Well there are two points here:
1. Will a decreased size keyID really provide your goal of deniability??
As I posted in my last message if the goal is anonymidity the the solution
is to provide no keyID at all.
I agree with this. I have argued for this before with Colin and Derek
back when they were doing 3.0 before PGP Inc was formed.
Also a second point re. anonmity: what about Hal Finney's stealth
transform (I have a beta standalone implementation for pgp2.x at:
http://www.dcs.ex.ac.uk/~aba/stealth/ which I did some time back);
without that you don't have much anonymity anyway because, the PKEs
are all below EG public modulus, or RSA modulus, which is identifies
user statistically after a few messages.
The stealth transform would require packet mods. Perhaps this is a
reason to defer the whole argument for next version of standard. KISS
as Tim says, no novel features, no new CMR features, etc this time
around? (Also sorry Ian B. no new message receipt).
2. By having a limited or no keyID in the encryption packet, the end user
is denighed the knowledge of who the message was encrypted to. Was the
company key used? Was a government key covertly added?
Hadn't thought of this implication. They are indeed conflicting. I would
take this to mean the obvious thing to do make KeyIDs below a chosen length
be rejected by the CMR enforcement filter.
(modulo my argument about CMR being used at all).
It should be noted that Hal never mentioned where or how Phil whished to
make use of these variable size keyID's. I still stand by my original
conclution that the cost benifit case needs to be made on this before such
a departure from the curent keyID structure is made.
Variable sized key ids are good in themselves I think because they get
around the spoofing problem: you can crank them up to full hash.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U(_at_){$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`