by tazjin 3834 days ago
Yes, it's supposed to be a hash of the user's identifier.

The goal is of course being able to look up the keys of individual users based on their publicly shared identifier. This system isn't trying to hide a user's keys in any way, so I think we're simply trying to solve different things.

1 comment

> Yes, it's supposed to be a hash of the user's identifier.

Which is why it's a privacy issue: given someone's public identifier, I can see what his key is and how it changes over time. I can see if he has a key, which is interesting information. As I noted, I can probably monitor traffic to find messages encrypted by or to his key.

Heck, I can pregenerate many potentially-valid identifiers (e.g. [0-9az]+@[a-z][0-9az]+\.(com|net|org|edu)) and look for them in the public blockchain, and use that to confirm whether the accounts are valid or not (this could be used to see if an email address is valid without ever sending email to it). I could use this to verify addresses before sending out spam or malware.

If I can see two identifiers who communicate with one another, I could use this to, say, send malware purportedly from one to the other via unsigned email, who is likely to trust it because it appears to be from someone he knows.

You see the issues, I hope. This kind of thing really is tough.