Unwanted additions to Keys (was: Thawte Web-Of-Trust)

Werner Koch wk@gnupg.org
Thu, 6 Jul 2000 16:32:51 +0200

On Thu, 6 Jul 2000, Huels, Ralf KSV wrote:

> Maybe it would hamper the entire concept of public key exchange too
> much, but sometimes I think some protocol to ascertain the key
> owners consent before tampering with the key is possible would
> be desirable.
OpenPGP has a flag meaning that only the owner of a key can modify the key on the keyserver. He has to send signed updates to the keyserver. Most keyservers don't care about this flag (at least I have never seen a reject froma keyserver for that reason). In any case, this flag solves only one problem. It is still possible to flood keyservers with new keys or updates for them without a chance to inhibt this. Werner -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email wk@OpenIT.de D-40233 Duesseldorf http://www.OpenIT.de