ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?]

2015-04-01 12:23:03
from [Daniel Kahn Gillmor] [Permanent Link] 
On Sat 2015-03-28 15:24:38 -0400, Phillip Hallam-Baker wrote:

By that I mean fixed in time. I agree that it does not need to be
public. Only the hash needs to be enrolled.


Normal e-mail addresses are low-entropy, right?  this would suggest that
they're reversible in most cases without a lot of effort (e.g. consider
nsec3-walker, which has similar properties [0]).  how does enrolling
only the hash address the privacy considerations effectively?

     --dkg

[0] http://dnscurve.org/nsec3walker.html

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  Re: [openpgp] Encrypting / Signing the mail subject?, Daniel Kahn Gillmor
Next by Thread:  Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?], Phillip Hallam-Baker
Indexes:  [Date] [Thread] [Top] [All Lists]