Security of the gpg private keyring?
expires2011 at ymail.com
Wed Mar 2 00:29:19 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 1 March 2011 at 8:56:56 PM, in
<mid:201103012156.57096 at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:
> Hmm. Why do the keyservers need to support it at all?
> IMO the clients that want to upload a key should check
> for this flag and warn the user if a key has this flag.
I think the warning would be a good idea because it should serve to
reduce accidental uploading of keys (except by those who view such
warnings as "noise" and just click through without really reading
Since the keyserver-no-modify flag is set by default in GnuPG and this
warning would be triggered for a large percentage of keys, why bother
checking for the flag? "Do you really want to publish this key to a
keyserver?" could be asked every time the user told the client to
upload any key, perhaps also displaying some info about the key and
MFPA mailto:expires2011 at ymail.com
If it aint broke, fix it till it is broke!
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users