Key server question
Werner Koch
wk@gnupg.org
Wed, 8 Dec 1999 20:36:11 +0100
On Wed, Dec 08, 1999 at 06:57:41PM +0000
Lars Hecking wrote:
> Does the keyserver directive in ~/.gnupg/options go both ways, or should
> I assume that one of the individuals I made my key available to under
> the condition not to publicise it did just that? Maybe accidentally?
Probably yes.
ObenPGP has a flag defined that only the holder of a key is allowed to
upload the key to a keyserver and GnuPG sets this flag. However, the
HKP Server (pgp.net) do not have a way to check it.
Pretty nice DoS: Create some hundred keys with a friends name and
uplod them to the servers. If someone wnats to get your firends key
he will have some problems to figure out the right one.
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013