On 25/01/12 23:55, Daniel Kahn Gillmor wrote:
> If people use e-mail addresses like this, then they could probably just
> derive the high-entropy-portion of their e-mail address from their key's
> fingerprint directly, and attach only a User ID like "anonymous".
>
> e.g.
>
> dkg--noenum-0ee5be979282d80b9f7540f1ccd2ed94d2173...@fifthhorseman.net
>
> Then no keysigning would be needed as anyone who knows the e-mail
> address already knows the key to use, and the key is fetchable from the
> keyservers by keyid directly.
>
> This can all be done with the current toolchain, without modification,
> afaict. The only problem is that you'd have to adjust your MUA to tell
> it which key to use explicitly for mailing to addresses like this. If
> you think this is the way to go, maybe you should talk to MUA
> developers, or propose a mechanism or heuristic gpg could use to
> pre-select keys from e-mail addresses like this.

I like it. I was thinking along the same lines, but you were a big step ahead of
me. I hadn't thought of the fingerprint. I think you might have just solved the
whole issue with a much better solution! I don't think you can add entropy to an
e-mail address and end up with a solution that is more elegant than what you
just proposed with the fingerprint.

> Please propose an alternate scheme that you think would be an
> improvement if you think such a scheme exists.

You just did yourself ;D. Eureka!

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt
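
The key pre-selection heuristic discussed in this thread, sketched in Python as an added example (not code from the thread, from GnuPG or from any MUA). The function names, the 40-hex-digit requirement and the sample fingerprints are assumptions made for illustration; only the `--noenum-` address shape comes from the message above.

```python
import re

# Address shape from the example in the thread: <name>--noenum-<hex>@<domain>.
# Assumption of this sketch: only a full 40-hex-digit (v4) fingerprint counts.
ADDRESS_RE = re.compile(
    r"(?P<name>[^@\s]+?)--noenum-(?P<fpr>[0-9A-Fa-f]+)@(?P<domain>[^@\s]+)"
)
V4_FINGERPRINT_HEX_LEN = 40


def normalize_fingerprint(text):
    """Strip the spacing gpg prints between groups and upper-case the hex."""
    return "".join(text.split()).upper()


def fingerprint_from_address(address):
    """Return the fingerprint embedded in the local part, or None."""
    match = ADDRESS_RE.fullmatch(address.strip())
    if match is None:
        return None
    fpr = match.group("fpr")
    if len(fpr) != V4_FINGERPRINT_HEX_LEN:
        return None  # refuse truncated values: full-fingerprint match only
    return fpr.upper()


def select_key(address, keyring_fingerprints):
    """Pick the key for a recipient by exact fingerprint match only.

    keyring_fingerprints is a hypothetical stand-in for the fingerprints
    an MUA would read from the local keyring. User IDs are never consulted.
    """
    wanted = fingerprint_from_address(address)
    if wanted is None:
        return None  # ordinary address: fall back to normal key selection
    for candidate in keyring_fingerprints:
        if normalize_fingerprint(candidate) == wanted:
            return wanted
    return None  # key not held locally; it would have to be fetched first


# Constructed sample data (not real keys).
SAMPLE_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
SAMPLE_ADDRESS = "anon--noenum-" + SAMPLE_FPR.lower() + "@example.org"
SAMPLE_KEYRING = [
    "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4566",  # last digit differs
    "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567",
]

if __name__ == "__main__":
    print(select_key(SAMPLE_ADDRESS, SAMPLE_KEYRING))
```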