Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Feature Request: remove policy-url metadata #297

Open
ananteris opened this issue Sep 8, 2019 · 1 comment · May be fixed by #298
Open

Feature Request: remove policy-url metadata #297

ananteris opened this issue Sep 8, 2019 · 1 comment · May be fixed by #298
Assignees
@romanz

Comments

@ananteris
Copy link

ananteris commented Sep 8, 2019
edited
Loading

The policy url custom subpacket (set to TREZOR-GPG) is shared when a public key is distributed. This metadata can hurt anonymity since it conveys that a public key's owner is also a Trezor owner/trezor-gpg user. This is bad for OPSEC.

If possible libagent/gpg/encode.py should find a different mechanism to determine signer_func which does not require additional key metadata.
@romanz romanz self-assigned this Sep 8, 2019
@romanz romanz linked a pull request Sep 9, 2019 that will close this issue
Open
@doolio
Copy link
Contributor

doolio commented Sep 3, 2023

How does one see this metadata in the public key?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@romanz romanz

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Don't store TREZOR marker inside public key romanz/trezor-agent
3 participants
@romanz @doolio @ananteris