[Cryptography] Google proposes a Web of Trust replacement to solve the key distribution problem.

Phillip Hallam-Baker phill at hallambaker.com
Fri Aug 29 09:54:01 EDT 2014 

On Thu, Aug 28, 2014 at 5:53 PM, Phil Pennock
<md-cryptography at spodhuis.org> wrote:
> On 2014-08-28 at 09:51 +0530, Udhay Shankar N wrote:
>> https://code.google.com/p/end-to-end/wiki/KeyDistribution
>
> Crash and burn: the existing public key servers for PGP have already
> received EU-based privacy takedown notices for keys, after someone
> protested their public key being publicly listed, together with their
> name.  Since SKS (the reconciling PGP keyserver network) has no current
> way to blacklist keys (cue censorship cries), that keyserver operator in
> Austria, an operator of good standing, shut down his keyserver.  This
> predates "right to be forgotten" recent fuss, and is based on
> long-standing EU privacy laws.
>
> So take that same principle, but then make the history absolutely
> immutable by design, while holding data about personally identifiable
> information (name + email), make it very public, with complete history
> (not just current view) and try to scale it out to every email user.
>
> Spammers will have a field day.
>
> In an attempt to provide privacy and secrecy for communications, in a
> way which doesn't solve metadata leakage and bulk analysis but makes
> them worse (non-revocable) they're reducing privacy for email addresses
> and names and making it a bulk action.
>
> It's this sort of blindness which keeps landing Google in trouble with
> privacy commissioners.

Actually this could be an opportunity. If SKS is under threat in this
way then there is an incentive to move to a different protocol.

Yes we can move to a hash of the email address. But only after all the
clients are updated to the new protocol. This could be another PGP
only protocol or it could be a more general protocol that enables a
bridge to a next generation protocol. We don't need to know what that
is before we build the bridge.


Using a hash of an email address mitigates some of the privacy
problems but not all.

i can imagine that there will be some folk who only want to give out
their key to authorized parties who might be friends they have met or
friends of friends.


It is also going to be essential to lard up any repository with
honeypot entries.

More information about the cryptography mailing list