[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: GnuPG through Tor



     On Tue, 21 Oct 2008 00:45:10 -0400 tor-operator@xxxxxxxxxxxxx wrote:
>On Monday 20 October 2008 22:48:32 misc wrote:
>> Is it possible to run GnuPG through Tor? (when connecting to LDAP and HKP
>> servers to exchange keys)?
>
>Hello,
>
>If you don't mind my asking, is there anything you (or anyone else, chime in!) 
>feel could be incriminating about obtaining someone's public key block from a 
>keyserver?

     I don't think that is the issue here, but rather one of whether doing
so breaks or weakens one's anonymity.  For example, if Bob fetches an
infrequently fetched key (e.g., a key belonging to Lureen) and two minutes
later Lureen's in box receives an encrypted message via an anonymous remailer,
does knowing the IP address of the key fetcher is also Alice's IP address
help Charlie point the finger at Alice as being the source of the message?
>
>This is apart from doing so within the reach of a political system that frowns 
>on, or bans, the use of encryption either for private citizens/subjects or 
>foreign nationals within their reach.
>
     Yes.  If Charlie can quickly identify exactly who is communicating whith
whom, regardless of whether PGP/GPG is used, then he has a better idea of how
to deploy his other resources more effectively.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************