[openpgp-email] Keyservers and GDPR

Werner Koch wk at gnupg.org
Wed Nov 7 10:13:06 CET 2018

On Tue,  6 Nov 2018 17:27, amm at datenreisen.de said:

> I do roughly recal that such a verification process has been discussed for
> the SKS keyservers at one of the pgp-summit before, but i wonder what
> happened to the idea. However, if it that is “good enough” to be compliant

This requires that there are no rogue keyservers in the network and that
in turn means that they are under the control of a single entity.  Or
in short, let Google take care of it.

Such verification will be a single point of failure and it would be
trivial for governments or corporations to take down a key.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20181107/38eed729/attachment-0001.sig>

More information about the Gnupg-devel mailing list