-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Monday 28 February 2011 at 11:38:31 PM, in <mid:d8186941-6e29-4358-9f0f-4a9c900cd...@jabberwocky.com>, David Shaw wrote: > I think the problem here is the large size of the > deployed infrastructure that expects user IDs to have > email addresses in them Apart from email clients, what infrastructure expects email addresses in UIDs? > To make > this change, you'd have to have a keyserver that could > search in that manner, Any keyserver could handle searching for both the plain text and the hash: the client could query for one string, then for the other, then combine the results. > plus client support to make the > hashes when talking to the keyserver, etc. Hashes would need to be generated when selecting keys on the local keyring too, not just when talking to keyservers. > You'd have > to handle the very-small-but-non-zero chance of a hash > collision in the user ID, too. A plaintext "collision" where two people have the same name in their UID is nothing to write home about. Why would it be an issue if the colliding string happened to be a hash? - -- Best regards MFPA mailto:expires2...@ymail.com Wise men learn many things from their enemies. -----BEGIN PGP SIGNATURE----- iQE7BAEBCgClBQJNbER+nhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pIHMD/j0r /OnnXV4zB1Ig9KBi+ZsTLlEPXR6Jmfdnvryjjh+AjWMvYvXJr16+IMaURirH4AYu 3sL4s+td2mfkwnoAMQxswM/3OcMgKPHWrdbWTYQ6sMFoHyUFXZ7zE+LtytHwyknc 7eNVWsGvLUE3GDZrUbMXR2yy+63fe3KOFCQCcWuG =fxJu -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
