Public key with alternate address - PGP

This is a discussion on Public key with alternate address - PGP ; Is is possible to use your primary secret key to make a public key with an alternate email address? That is, I'd like to publish my public key on a key-server, but don't wish to publicise my personal email address, ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Public key with alternate address

  1. Public key with alternate address

    Is is possible to use your primary secret key to make a public key
    with an alternate email address?

    That is, I'd like to publish my public key on a key-server, but don't
    wish to publicise my personal email address, but instead give a
    disposable address so I have some control over spammers who harvest
    the address from the key-server.

    Is this possible? If so, how do I do this with GnuPG?

    If not, what practices to others use to prevent your personal email
    address from falling into the hands of spammers?

    -jason

  2. Re: Public key with alternate address



    JVarsoke wrote:
    >
    > Is is possible to use your primary secret key to make a public key
    > with an alternate email address?
    >
    > That is, I'd like to publish my public key on a key-server, but don't
    > wish to publicise my personal email address, but instead give a
    > disposable address so I have some control over spammers who harvest
    > the address from the key-server.


    You should probably create a key pair for your "alternate" address, but not
    for your "personal" one. If both are on the same key, or even if you
    distribute another key carrying your "personal address", both addresses are
    likely to end up on the key servers.

    > what practices to others use to prevent your personal email
    > address from falling into the hands of spammers?


    This cannot usually be prevented; please see
    . What you can do is filter smtp
    connections and email messages from spammers and insecure clients; these
    solutions address *all* harvesting techniques.

    Thor

    --
    http://thorweb.anta.net/

  3. Re: Public key with alternate address

    > Is is possible to use your primary secret key to make a public key
    > with an alternate email address?
    >
    > That is, I'd like to publish my public key on a key-server, but don't
    > wish to publicise my personal email address, but instead give a
    > disposable address so I have some control over spammers who harvest
    > the address from the key-server.
    >
    > Is this possible? If so, how do I do this with GnuPG?


    Add a new identity with the other email address. Back up your keyring.
    Delete your main identity with your real email address, then upload this
    key which now just has the disposable address to the keyserver. Then
    restore the key from backup.
    >
    > If not, what practices to others use to prevent your personal email
    > address from falling into the hands of spammers?
    >

    Spammers don't harvest addresses from pgp keyservers. It's probably not
    worth worrying.

  4. Re: Public key with alternate address

    MikeyD wrote in message news:<1077965539.18316.0@despina.uk.clara.net>...
    > > Is is possible to use your primary secret key to make a public key
    > > with an alternate email address?


    > Add a new identity with the other email address. Back up your keyring.
    > Delete your main identity with your real email address, then upload this
    > key which now just has the disposable address to the keyserver. Then
    > restore the key from backup.


    okay, sorry for being a little obtuse, but I'm not exactly certain how
    to proceed.

    I would like to use one private key to decrypt all mail sent to me.

    I'd like to issue public key A to my friends.
    I'd like to issue public key B to the public server.

    I'd really like public key A & B to be the same, except A says my
    email address is X and B says my email address is Y.

    Basically, I don't understand if the email address (and name for that
    matter) are associated with the public keys in some mathematical way,
    or are they just labels to be changed anytime?

    Again, sorry for being obtuse. Feel free to point me in the direct of
    a FAQ. I can't seem to find the FAQ for this group.

    -jason

  5. Re: Public key with alternate address

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    usenet.9.jvarsoke@spamgourmet.com (JVarsoke) writes:

    >I'd like to issue public key A to my friends.
    >I'd like to issue public key B to the public server.


    >I'd really like public key A & B to be the same, except A says my
    >email address is X and B says my email address is Y.


    Yes, that's possible.

    >Basically, I don't understand if the email address (and name for that
    >matter) are associated with the public keys in some mathematical way,
    >or are they just labels to be changed anytime?


    In essence, they are labels, usually called userids. You can have
    several such "labels" on a key. You can add or remove them at will.
    In order for these "labels" to be trustworthy, you are expected to
    sign them. Otherwise anybody at all could attach such "labels" to
    your key.

    The thing to do is to add both userids (or "labels") to your key.

    Then make a backup.

    Then delete one of the userids. Export the key. Send the key
    to your friends.

    Now reimport the key from your backup, which restores both
    userids.

    Do the same thing again, this time deleting the other userid. Now
    send the key to a public keyserver. Again, reimport your key so that
    your copy has both userids.

    There is one fly in the ointment. One of your friends could send his
    copy of your key to the public keyservers. Thereafter, the public
    servers would have both ids.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (SunOS)

    iD8DBQFAQUt5vmGe70vHPUMRAluYAKDo3t6VSZVTUg9NhM7Lch 72gz2NkgCg934I
    b2mwTO2EM30IZgdNE9lLMZk=
    =Z/SV
    -----END PGP SIGNATURE-----


  6. Re: Public key with alternate address

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    >> > Is is possible to use your primary secret key to make a public key
    >> > with an alternate email address?

    >
    >> Add a new identity with the other email address. Back up your keyring.
    >> Delete your main identity with your real email address, then upload this
    >> key which now just has the disposable address to the keyserver. Then
    >> restore the key from backup.

    >
    > okay, sorry for being a little obtuse, but I'm not exactly certain how
    > to proceed.
    >
    > I would like to use one private key to decrypt all mail sent to me.
    >
    > I'd like to issue public key A to my friends.
    > I'd like to issue public key B to the public server.
    >
    > I'd really like public key A & B to be the same, except A says my
    > email address is X and B says my email address is Y.
    >
    > Basically, I don't understand if the email address (and name for that
    > matter) are associated with the public keys in some mathematical way,
    > or are they just labels to be changed anytime?
    >

    They are just labels, verified by being signed with the key itself. To do
    this proceed exactly as I said above.


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (GNU/Linux)

    iD8DBQFAQdL+seVxKm0DPWERAskCAKCXJ3OTT9cF2KG5knEvAm lPEvaC2ACg+Y4Z
    tAaFmNTCueoUP/pJLPvoW/w=
    =P9KA
    -----END PGP SIGNATURE-----

+ Reply to Thread