Keyservers and GDPR

Christoph Anton Mitterer calestyo at
Wed May 23 23:04:05 CEST 2018

On Wed, 2018-05-23 at 15:31 +0200, Dirk Gottschalk via Gnupg-devel
> Well, that's true. the only option would be to allow only the key
> owner
> to upload or delete his key

That would in fact be a good thing... perhaps even with some form of
challenge response (i.e. the owner must sign something as a response).

In addition.... it should be possible for a key owner, to delete his
UID subpackets from the keyservers... (any revoc subpackets/etc. should
be kept forever).

But in fact even this may not be fully enough to fulfil that stupid EU

> On the other hand, I don't see any Problems with GDPR at all. I don't
> think that they even thought about such cases. The most protocols
> would
> be no longer legal after it takes place. ^^

I'm not an expert... but from my naive understanding I'd say that the
GDPR basically outlaws keyservers as they're now.

I've stopped mine for now.


More information about the Gnupg-devel mailing list