[Autocrypt] [openpgp-email] Keyservers and GDPR
Tobias Mueller
muelli at cryptobitch.de
Wed Nov 7 18:07:48 CET 2018
Hi,
On Wed, 2018-11-07 at 10:13 +0100, Werner Koch wrote:
> This requires that there are no rogue keyservers in the network and
> that
> in turn means that they are under the control of a single entity.
It depends on your use case, but you might be happy enough if you have a
proof of who introduced the malicious data.
That said, you might as well establish a network adhering to certain
rules run by people who are trusted enough by its users. That may not
necessarily be Google, but the EFF, the CCC, or the DPAs of the EU
member states.
Cheers,
Tobi
More information about the Gnupg-devel
mailing list