On Mon, Apr 25, 2016 at 05:24:21PM +0200, Daniel Pocock wrote: > Another interesting idea may be having an application that runs in Tails > to download other people's keys from key servers, automatically using a > different Tor connection for each download.
apt show parcimonie | $magic
Description: privacy-friendly helper to refresh a GnuPG keyring
parcimonie is a daemon that slowly refreshes a gpg public keyring
from a keyserver.
.
Its refreshes one OpenPGP key at a time; between every key update,
parcimonie sleeps a random amount of time, long enough for the
previously used Tor circuit to expire.
.
This process is meant to make it hard for an attacker to correlate
the multiple performed key update operations.
.
See the included design document to learn more about the threat
and risk models parcimonie attempts to help coping with.
--
cheers,
Holger
signature.asc
Description: Digital signature
