email hashes in PGP keys as protection against spam

Hauke Laging mailinglisten at
Mon Oct 5 23:16:54 CEST 2009

Am Montag 05 Oktober 2009 schrieb John Clizbe:

> They are also not so good at estimating the incidence of "Keyserver
> SPAM". Yes, it happens. But when I tried to measure it, it was of a
> level statistically indistinguishable from random noise.

And some are not good at reading.

My description states twice that this is not a problem today but could 
easily become one in the future if (what I think we all hope) more and 
more people use PGP.

It will take several years until we reach this point. So we have enough 
time to make the technical preparations.

> I see this proposal breaking a lot of applications

Some examples (for breaking applications which get their keys from key 
servers)? Even if this is the situation today probably no problem would 
arise as there is enough time to introduce such a feature quite slowly.

> It's a security blanket that really doesn't address the 
> problem, only a perceived cause.

It addresses the obvious future problem, not the irrelevant problem of 
today. How shall I understand "security blanket"?

Anyway: If enough people "percieve" such a problem, do you think your "it 
will never be a problem because it is none today" theory is a good enough 
argument against that?

> LDAP servers make a great keyserver for this sort of application

Not being reachable is not the application I was talking about.


More information about the Gnupg-devel mailing list