[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP and pseudonyms

To: Alan Olsen <[email protected]>
Subject: Re: PGP and pseudonyms
From: Steve Reid <[email protected]>
Date: Sun, 28 Apr 1996 17:14:37 -0700 (PDT)
cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

> >this pseudonym. If this person's secret keyring were stolen, could
> >person=pseudonym be revealed, based on the key ID? Or would it require
> >knowing the passphrase? 
> 
> Yes, the person=personna would be revealed.  No, a passphrase would not be
> needed.
> To demonstrate try "pgp -kv secring.pgp" and see what you get.

I kinda figured that... I was just wondering if maybe the info could be
altered, so that the real info can't be figured without getting the
passphrase. 

> I hope this gets fixed in PGP 3.0.

I guess pseudonymity(sp?) wasn't the main concern when PGP was created.

I suppose a temporary fix would be to not use an ordinary PGP passphrase,
but rather encrypt the whole secring.pgp file. Decrypt it when you need
it, and be very careful to properly clean up when you're done. 


=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: [email protected]   Home Page: http://www.edmweb.com/steve/ |
| PGP Fingerprint: 11 C8 9D 1C D6 72 87 E6  8C 09 EC 52 44 3F 88 30 |
|              -- Disclaimer: JMHO, YMMV, IANAL. --                 |
===================================================================:)

Follow-Ups:
- Re: PGP and pseudonyms
  - From: Rich Graves <[email protected]>

References:
- Re: PGP and pseudonyms
  - From: Alan Olsen <[email protected]>

Prev by Date: Re: Book: The President's Eyes Only
Next by Date: Re: code vs cypher
Prev by thread: Re: PGP and pseudonyms
Next by thread: Re: PGP and pseudonyms
Index(es):
- Date
- Thread