auto-key-retrieve considered harmful

Werner Koch wk at gnupg.org
Mon Dec 8 10:43:49 CET 2003


On Sun, 7 Dec 2003 20:44:10 +0100, Christian Biere said:

> harmful in combination with the wrong software. A warning that
> this feature should be used with caution due to bad software
> that didn't check the trust levels wouldn't hurt anyone. I mean,
> it's no *that* obvious, IMHO, is it?

That is a misconception here: You assume that the keyring contains at
least somewhat trusted keys.  This is wrong.  It is easy to import
keys you don't have any connection to and thus you can't trust.  The
key validation code is the only way to decide whether a key is
trustworthy or not.

If you want to use a keyring with known trusted keys, use gpgv and put
all such trusted keys into trustedkeys.gpg.

  Werner

-- 
Werner Koch                                      <wk at gnupg.org>
The GnuPG Experts                                http://g10code.com
Free Software Foundation Europe                  http://fsfeurope.org




More information about the Gnupg-devel mailing list