email hashes in PGP keys as protection against spam
Hauke Laging
mailinglisten at hauke-laging.de
Mon Oct 5 23:16:54 CEST 2009
Am Montag 05 Oktober 2009 schrieb John Clizbe:
> They are also not so good at estimating the incidence of "Keyserver
> SPAM". Yes, it happens. But when I tried to measure it, it was of a
> level statistically indistinguishable from random noise.
And some are not good at reading.
My description states twice that this is not a problem today but could
easily become one in the future if (what I think we all hope) more and
more people use PGP.
It will take several years until we reach this point. So we have enough
time to make the technical preparations.
> I see this proposal breaking a lot of applications
Some examples (for breaking applications which get their keys from key
servers)? Even if this is the situation today probably no problem would
arise as there is enough time to introduce such a feature quite slowly.
> It's a security blanket that really doesn't address the
> problem, only a perceived cause.
It addresses the obvious future problem, not the irrelevant problem of
today. How shall I understand "security blanket"?
Anyway: If enough people "percieve" such a problem, do you think your "it
will never be a problem because it is none today" theory is a good enough
argument against that?
> LDAP servers make a great keyserver for this sort of application
Not being reachable is not the application I was talking about.
Hauke
More information about the Gnupg-devel
mailing list