ietf-openpgp

Re: [openpgp] Reducing the meta-data leak

2016-01-05 13:54:58
On Tue 2016-01-05 14:50:24 -0500, vedaal(_at_)nym(_dot_)hush(_dot_)com wrote:
> Maybe a (c) option that combines aspects of (a) and (b):
>
> [1] Suggesting that users of multiple secret keys have 1 unique e-mail
> address for key.
> (e.g.  Hushmail allows for unlimited nym e-mail aliases which all go
> to the same hushmail account under the primary [non-nym] e-mail
> account.)
> A user can generate multiple keypairs, assigning a different nym alias
> to each of them).
>
> [2] The users should not upload the keys to keyservers, but rather
> exchange public keys with whomever they wish to communicate.

this seems like it might be handwaving away a very difficult question...

> [3] They then use the --throw-keyid option, but the receiver knows
> exactly which key it is, by seeing to which nym e-mail address it is
> sent.

if the receiver can see it, then the metadata is present, right?  so
this proposal just moves the metadata out of the OpenPGP block and into
the surrounding RFC822 message.  I don't think that solves the problem.
or am i misunderstanding your proposal?

   --dkg

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
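
The point made in the reply above, as an added example that is not part of the original message or of any OpenPGP implementation: it reads the key ID from the PKESK packet (RFC 4880 section 5.1) and the `To:` header of the carrying RFC822 message, showing that a wildcard key ID does not hide the recipient when the address identifies the key. The sample packets, the addresses and the function names are constructed for illustration, and the packets are assumed to be already de-armored.

```python
from email import message_from_bytes

WILDCARD = bytes(8)  # RFC 4880 5.1: an all-zero key ID names no recipient key

def pkesk_key_ids(data: bytes) -> list:
    """Return the key ID of every version 3 PKESK packet (tag 1) in `data`."""
    ids, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths not handled")
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = 1 << ltype
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if tag == 1 and data[i:i + 1] == b"\x03":
            ids.append(data[i + 1:i + 9])    # 8-byte key ID follows the version
        i += length
    return ids

def recipient_metadata(raw_mail: bytes, packets: bytes) -> dict:
    """Report what an observer learns from the OpenPGP layer vs. the mail header."""
    ids = pkesk_key_ids(packets)
    return {"keyid_hidden": bool(ids) and all(k == WILDCARD for k in ids),
            "envelope_recipient": message_from_bytes(raw_mail)["To"]}

# Constructed sample: PKESK with wildcard key ID (old-format header), then a
# stub SEIPD packet (new-format header). Addresses are made up.
PKESK_BODY = b"\x03" + WILDCARD + b"\x01" + b"\x00\x08\xff"
SAMPLE_PACKETS = bytes([0x84, len(PKESK_BODY)]) + PKESK_BODY + b"\xd2\x03\x01\xaa\xbb"
SAMPLE_MAIL = (b"From: sender@example.org\r\nTo: nym-alias-7@example.org\r\n"
               b"Subject: (none)\r\n\r\n[armored OpenPGP message]\r\n")

if __name__ == "__main__":
    print(recipient_metadata(SAMPLE_MAIL, SAMPLE_PACKETS))
```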
