On Feb 19, 2007, at 11:54 AM, NikNot wrote:
On 2/19/07, Adam Funk <[EMAIL PROTECTED]> wrote:Is there any reason to physically secure your *public* keyring in ... (Well, I suppose you might want to hide your secret identity!)Unfortunately, the whole GPG, with WebOfTrust construct, makes the assumption that there is no need whatsoever to protect the identity of the secret key holder (and, by extension, that traffic analysis - as opposed to the secret content analysis - is not something to be concerned with). NikNot ___
It's funny you mention this: I got into an argument with a "consultant" about how X.509 certificates are a privacy violation because your identity is encoded into the "subject" field. I kept asking him, "How would you know whose cert. it is without it?" At any rate, there are lot of bozos in the world posing as "security experts" who shouldn't be taken seriously.
Joe
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
