Preserving non-central and privacy with a "permission recording keyserver" (was: Launching a new keyserver on keys.openpgp.org!)
mgorny at gentoo.org
Wed Jul 10 11:05:57 CEST 2019
Dnia July 10, 2019 7:32:29 AM UTC, Bernhard Reiter <bernhard at intevation.de> napisał(a):
>Am Dienstag 09 Juli 2019 14:37:05 schrieb Michał Górny via Gnupg-devel:
>> On Tue, 2019-07-09 at 11:50 +0200, Bernhard Reiter wrote:
>> > === Non-email ids
>> How are you going to detect people on photo IDs?
>We also should limit the data on the userid to some byte length, but
>it gets an automated attack that personal data, like an email address
>encoded as png image, we might have to add a png decoder and an OCR at
>point. The point of this strategy is that we only do it, once this
>really comes to place. And additionally, we try to get hold of the
>and sue her for interfering with a common infrastructure.
I don't think we're taking about the same thing. I was considering the case where somebody uploads his photo as UID. How are you going to protect against somebody using my face, for example?
More information about the Gnupg-devel