On Wed, Apr 1, 2015 at 1:22 PM, Daniel Kahn Gillmor
<dkg(_at_)fifthhorseman(_dot_)net> wrote:
On Sat 2015-03-28 15:24:38 -0400, Phillip Hallam-Baker wrote:
By that I mean fixed in time. I agree that it does not need to be
public. Only the hash needs to be enrolled.
Normal e-mail addresses are low-entropy, right? this would suggest that
they're reversible in most cases without a lot of effort (e.g. consider
nsec3-walker, which has similar properties [0]). how does enrolling
only the hash address the privacy considerations effectively?
--dkg
[0] http://dnscurve.org/nsec3walker.html
I was planning to enroll the hash of the keysigning which would
include the signature at minimum.
If we are doing DSA then it isn't really a problem as the signatures
are non deterministic. You can get into issues with RSA though (but
not in this case).
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp