On Feb 27, 2010, at 3:02 PM, David Shaw wrote:

> Much as the email headers do in your example.  If the mail is not encrypted, 
> the headers just show that it might be.  In practice, headers won't show much 
> as the majority of modern mail programs have the capability for encryption of 
> one sort or another, even without add-ons.  It's rarely exercised, of course.

Yes and no.  I think the presence of an Enigmail header, for instance, is 
probably more indicative of encrypted traffic than just someone's key being 
present on a server.  Still, this is kind of a side show.  What started this 
was MFPA's contention that just by having your key on the keyserver network you 
could be bringing yourself to the attention of government investigators.

When a murder victim is found, the police start looking for the murder weapon.  
They don't start by looking at all possible murder weapons and hope to find a 
murder victim nearby.  Likewise, if the police find encrypted traffic on a 
suspect's laptop they will begin to search for the originator of the traffic.  
They're not likely to start by rounding up the usual suspects found by 
harvesting the key server.

There are exceptions to this rule.  I mentioned Cuba, where possession of 
crypto is itself a crime (or was, last I heard: if there are any Cubans on the 
list, I would love to know if this is still true).  That said, exceptions to a 
rule are expected -- there are few rules so general they do not admit 
exceptions.

> I agree that "generally speaking, it's a good idea to put keys on the 
> keyservers".  I don't know if that makes it conventional wisdom, or who the 
> arbiter of such wisdom might be, but clearly a very common use of OpenPGP is 
> for encrypted mail.

I likewise have suspicions and doubts about conventional wisdom.  (You could 
just as easily say, "conventional wisdom is that you can tell a lot about 
someone by the signatures on their key" -- I can see an argument being made for 
that being conventional wisdom.  It's *wrong*, but that doesn't keep it from 
being conventional wisdom.)

However, on the scale of conventional wisdom, where on one end there's "never 
get involved in a land war in Asia" and "never go against a Sicilian when death 
is on the line," [1] and on the other there's "the signatures on a key tell you 
a lot about a person", I think the conventional wisdom of "generally speaking, 
it's a good idea to put keys on the keyservers" is closer to the former 
category than the latter.  :)

Admittedly, I am no arbiter of what's conventional wisdom.  The preceding is 
just my own personal interpretation of what prevailing CW is.

[1] http://www.imdb.com/title/tt0093779/quotes

> With regards to the second statement, you give a great reason yourself a few 
> paragraphs up: "If you live in Cuba and you're using GnuPG, then you should 
> not have your key on the servers and you have a perfectly reasonable fear 
> about people uploading your key there".  Is that not a good reason to request 
> that a key stay off the keyservers?

I think it's a great example of a clear exception to a general rule.

> So you are saying "I do not do this".  And MFPA is saying "I think nobody 
> should do this" ?

Not really.  That's a side issue.

The real question is this:

"The status quo is that new users are routinely told, 'generally speaking, it 
is a good idea to upload your key to the keyservers.'  Does this need to 
change?"

> Where's the problem?

He says "yes and here's why," and I say, "your arguments do not appear sound, 
and here's why."


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to