[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol
mike at plan99.net
Thu Aug 28 14:29:44 PDT 2014
> Sorry I wasn't more clear. I was referring to the fact that the
> directory would be openly publishing a list of everyone's email
> addresses. Even if you hash them, they're pretty trivially invertible.
Ah right. I don't think that aspect is a big deal. Given that spammers have
shown an ability to successfully invert tens of millions of *user passwords,
*I can't worry too much about them inverting a hash of a public address.
Hashing is still valuable though. Otherwise you'd get marketing people
worrying about people publishing lists of obviously phishy accounts and
embarassing the company, or people managing to locate the personal
addresses of celebrities by analysing account names etc.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging