[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: About User-ID's

To: Jon Callas <jon@xxxxxxxxxx>
Subject: Re: About User-ID's
From: Ingo Luetkebohle <ingo@xxxxxxxxxxxxxx>
Date: Sun, 19 Aug 2001 12:59:37 +0200
Cc: ietf-openpgp@xxxxxxx
In-reply-to: <>; from jon@callas.org on Sat, Aug 18, 2001 at 04:27:12PM -0700
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Organization: Maybe when I grow up
References: <> <>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Mutt/1.2.5i

On Sat, Aug 18, 2001 at 04:27:12PM -0700, Jon Callas wrote:
> I don't know about irrelevant -- but I don't know what do do about them. If
> user ids didn't have email addresses on them (which they don't have to), it
> would be hard to find the right key when you want to encrypt mail to
> someone.

Oh, I didn't mean to suggest that. Sorry for not making that clear.

I think "best practices" can be divided in two: 1) best practices on
what to put into a User-ID (obvious and well-established for e-mail,
could be different for SSL keys and so on) and 2) best practices on
how software treats the information.

For an example of the latter, I think current key-server software
makes it exceptionally easy to harvest e-mail address, should someone
desire to do so. I can search for three random letters to get all keys
with those three letters in and the HTML page I get conveniently lists
not just the matching keys but also all the e-mail addresses, *and* --
with the right options -- all e-mail addresses of all signers. This
allows a smart crawler to easily walk the whole server and gather
addresses -- *just* addresses.  Now just consider how much more
difficult it would be if the crawler would have to download the key,
interpret it, go back to the keyserver to fetch all keys referenced in
the signers section and so on. This could be forced by a slight change
in the amount and nature of information revealed by the key-server
(e.g., it could just display the key-id, and the number of
signatures). For legitimate users, who have to download the whole key
anyway, it wouldn't make a difference.

This could be summed up in a suggestion of a best practices document
that software should expect keys to contain sensitive information and
be careful in what it exposes.

There are obviously more open questions, some of which have
traditionally been in FAQ's. Maybe it would help if I draft a small
document with all of them and we can then decide of whether to make an
information RFC from it or just leave it to application developers
documentation?

Regards

--
	Ingo Luetkebohle / ingo@xxxxxxxxxxxxxx / Student of Bioinformatics
/
| Cross-Platform OpenPGP: http://xpg.sourceforge.net/
|
| Fargonauten.DE sysadmin; Gimp Registry maintainer;
| FP: 3187 4DEC 47E6 1B1E 6F4F  57D4 CD90 C164 34AD CE5B

Attachment: pgp00062.pgp
Description: PGP signature

References:
- About User-ID's
  - From: Ingo Luetkebohle
- Re: About User-ID's
  - From: Jon Callas

Prev by Date: How do I extract my PRIVATE key in PGP CL 6.5???
Next by Date: Re: How do I extract my PRIVATE key in PGP CL 6.5???
Previous by thread: Re: About User-ID's
Next by thread: Re: About User-ID's
Index(es):
- Date
- Thread