Preserving non-central and privacy with a "permission recording keyserver" (was: Launching a new keyserver on!)

Michał Górny mgorny at
Wed Jul 10 11:05:57 CEST 2019

Dnia July 10, 2019 7:32:29 AM UTC, Bernhard Reiter <bernhard at> napisał(a):
>Am Dienstag 09 Juli 2019 14:37:05 schrieb Michał Górny via Gnupg-devel:
>> On Tue, 2019-07-09 at 11:50 +0200, Bernhard Reiter wrote:
>> > === Non-email ids
>> How are you going to detect people on photo IDs?
>We also should limit the data on the userid to some byte length, but
>yes, if 
>it gets an automated attack that personal data, like an email address
>encoded as png image, we might have to add a png decoder and an OCR at
>point. The point of this strategy is that we only do it, once this
>really comes to place. And additionally, we try to get hold of the
>and sue her for interfering with a common infrastructure.

I don't think we're taking about the same thing. I was considering the case where somebody uploads his photo as UID. How are you going to protect against somebody using my face, for example?

Best regards, 
Michał Górny

More information about the Gnupg-devel mailing list