Preserving non-central and privacy with a "permission recording keyserver"
dirk.gottschalk1980 at googlemail.com
Wed Jul 10 23:28:47 CEST 2019
Am Mittwoch, den 10.07.2019, 19:54 +0200 schrieb Werner Koch:
> On Wed, 10 Jul 2019 10:27, andrewg at andrewg.com said:
> > I don't think we should ever delete the full dataset (i.e.
> > including the
> > primary). We still need to be able to distribute revocations, and
> > that's
> > only going to work if they're attached to something.
> Some folks are talking about privacy reasons not to distribute the
> user-id. I don't buy this argument because the user has already
> given his consent (with most MUAs and with gpg's command line) to use
> a mail address along with a key and the specific format is a
Yes, that's my thaught.
> A key on a keyserver should never be searchable by user-id. It is
> not required and only an attractor to use the keyserver as free and
> searchable data storage. We only need lookups by fingerprint. Keys
> should in general be discovered by other reliable mail to key mapping
> services. If that is not possible there is always the fallback to
> first send a signed mail and the recipients tool can then lookup the
> key via the fingerprint (which is embedded in the signature) at a
Then, the --search-keys option og gpg CLI is obsolete. That would be
okay, but this option should be disables in newer versions of gpg.
GPG: 4278 1FCA 035A 9A63 4166 CE11 7544 0AD9 4996 F380
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part
More information about the Gnupg-devel