Public key with alternate address
Is is possible to use your primary secret key to make a public key
with an alternate email address?
That is, I'd like to publish my public key on a key-server, but don't
wish to publicise my personal email address, but instead give a
disposable address so I have some control over spammers who harvest
the address from the key-server.
Is this possible? If so, how do I do this with GnuPG?
If not, what practices to others use to prevent your personal email
address from falling into the hands of spammers?
-jason
Re: Public key with alternate address
JVarsoke wrote:[color=blue]
>
> Is is possible to use your primary secret key to make a public key
> with an alternate email address?
>
> That is, I'd like to publish my public key on a key-server, but don't
> wish to publicise my personal email address, but instead give a
> disposable address so I have some control over spammers who harvest
> the address from the key-server.[/color]
You should probably create a key pair for your "alternate" address, but not
for your "personal" one. If both are on the same key, or even if you
distribute another key carrying your "personal address", both addresses are
likely to end up on the key servers.
[color=blue]
> what practices to others use to prevent your personal email
> address from falling into the hands of spammers?[/color]
This cannot usually be prevented; please see
<URL:http://www.private.org.il/harvest.html>. What you can do is filter smtp
connections and email messages from spammers and insecure clients; these
solutions address *all* harvesting techniques.
Thor
--
[url]http://thorweb.anta.net/[/url]
Re: Public key with alternate address
> Is is possible to use your primary secret key to make a public key[color=blue]
> with an alternate email address?
>
> That is, I'd like to publish my public key on a key-server, but don't
> wish to publicise my personal email address, but instead give a
> disposable address so I have some control over spammers who harvest
> the address from the key-server.
>
> Is this possible? If so, how do I do this with GnuPG?[/color]
Add a new identity with the other email address. Back up your keyring.
Delete your main identity with your real email address, then upload this
key which now just has the disposable address to the keyserver. Then
restore the key from backup.[color=blue]
>
> If not, what practices to others use to prevent your personal email
> address from falling into the hands of spammers?
>[/color]
Spammers don't harvest addresses from pgp keyservers. It's probably not
worth worrying.
Re: Public key with alternate address
MikeyD <m_donaghy50@hotmail.com> wrote in message news:<1077965539.18316.0@despina.uk.clara.net>...[color=blue][color=green]
> > Is is possible to use your primary secret key to make a public key
> > with an alternate email address?[/color][/color]
[color=blue]
> Add a new identity with the other email address. Back up your keyring.
> Delete your main identity with your real email address, then upload this
> key which now just has the disposable address to the keyserver. Then
> restore the key from backup.[/color]
okay, sorry for being a little obtuse, but I'm not exactly certain how
to proceed.
I would like to use one private key to decrypt all mail sent to me.
I'd like to issue public key A to my friends.
I'd like to issue public key B to the public server.
I'd really like public key A & B to be the same, except A says my
email address is X and B says my email address is Y.
Basically, I don't understand if the email address (and name for that
matter) are associated with the public keys in some mathematical way,
or are they just labels to be changed anytime?
Again, sorry for being obtuse. Feel free to point me in the direct of
a FAQ. I can't seem to find the FAQ for this group.
-jason
Re: Public key with alternate address
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[email]usenet.9.jvarsoke@spamgourmet.com[/email] (JVarsoke) writes:
[color=blue]
>I'd like to issue public key A to my friends.
>I'd like to issue public key B to the public server.[/color]
[color=blue]
>I'd really like public key A & B to be the same, except A says my
>email address is X and B says my email address is Y.[/color]
Yes, that's possible.
[color=blue]
>Basically, I don't understand if the email address (and name for that
>matter) are associated with the public keys in some mathematical way,
>or are they just labels to be changed anytime?[/color]
In essence, they are labels, usually called userids. You can have
several such "labels" on a key. You can add or remove them at will.
In order for these "labels" to be trustworthy, you are expected to
sign them. Otherwise anybody at all could attach such "labels" to
your key.
The thing to do is to add both userids (or "labels") to your key.
Then make a backup.
Then delete one of the userids. Export the key. Send the key
to your friends.
Now reimport the key from your backup, which restores both
userids.
Do the same thing again, this time deleting the other userid. Now
send the key to a public keyserver. Again, reimport your key so that
your copy has both userids.
There is one fly in the ointment. One of your friends could send his
copy of your key to the public keyservers. Thereafter, the public
servers would have both ids.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SunOS)
iD8DBQFAQUt5vmGe70vHPUMRAluYAKDo3t6VSZVTUg9NhM7Lch72gz2NkgCg934I
b2mwTO2EM30IZgdNE9lLMZk=
=Z/SV
-----END PGP SIGNATURE-----
Re: Public key with alternate address
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[color=blue][color=green][color=darkred]
>> > Is is possible to use your primary secret key to make a public key
>> > with an alternate email address?[/color][/color]
>[color=green]
>> Add a new identity with the other email address. Back up your keyring.
>> Delete your main identity with your real email address, then upload this
>> key which now just has the disposable address to the keyserver. Then
>> restore the key from backup.[/color]
>
> okay, sorry for being a little obtuse, but I'm not exactly certain how
> to proceed.
>
> I would like to use one private key to decrypt all mail sent to me.
>
> I'd like to issue public key A to my friends.
> I'd like to issue public key B to the public server.
>
> I'd really like public key A & B to be the same, except A says my
> email address is X and B says my email address is Y.
>
> Basically, I don't understand if the email address (and name for that
> matter) are associated with the public keys in some mathematical way,
> or are they just labels to be changed anytime?
>[/color]
They are just labels, verified by being signed with the key itself. To do
this proceed exactly as I said above.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAQdL+seVxKm0DPWERAskCAKCXJ3OTT9cF2KG5knEvAmlPEvaC2ACg+Y4Z
tAaFmNTCueoUP/pJLPvoW/w=
=P9KA
-----END PGP SIGNATURE-----
