recommendation for key servers

Vincent Breitmoser look at
Sun Jun 27 22:14:31 CEST 2021

Hi Werner,

> I can only repeat that stripping the User-ID from a key is Bad Thing

I've actually never seen this argument in full. I just checked T4393 again, the
only explanation you give is "to avoid problems we had with PGP2". Would you
care to elaborate?

> The pleaded GDPR issue is artificial

IIRC Kristian very much doesn't believe in the GDPR, and yet he *just*
discontinued the pool because it caused him too much GDPR legal trouble, which
is a direct consequence of SKS publishing email addresses without explicit
consent. Perhaps I'm misunderstanding what you are describing as "artificial"?

> and entirely ignores the fact that the key or its fingerprint is as well
> personal data (“any information which [is] related to an identified or
> identifiable natural person”) and thus subject to the GDPR rules.

I'm inclined to agree on this one, actually. :) Maybe I'll rephrase the privacy
policy of keys.o.o one of these days, but so far it worked out ok.

 - V

More information about the Gnupg-devel mailing list