Keyservers and GDPR
Christoph Anton Mitterer
calestyo at scientia.net
Wed May 23 23:04:05 CEST 2018
On Wed, 2018-05-23 at 15:31 +0200, Dirk Gottschalk via Gnupg-devel
wrote:
> Well, that's true. the only option would be to allow only the key
> owner
> to upload or delete his key
That would in fact be a good thing... perhaps even with some form of
challenge response (i.e. the owner must sign something as a response).
In addition.... it should be possible for a key owner, to delete his
UID subpackets from the keyservers... (any revoc subpackets/etc. should
be kept forever).
But in fact even this may not be fully enough to fulfil that stupid EU
laws.
> On the other hand, I don't see any Problems with GDPR at all. I don't
> think that they even thought about such cases. The most protocols
> would
> be no longer legal after it takes place. ^^
I'm not an expert... but from my naive understanding I'd say that the
GDPR basically outlaws keyservers as they're now.
I've stopped mine for now.
Cheers,
Chris.
More information about the Gnupg-devel
mailing list