useless test keys and keyservers

Neil Williams linux at
Mon Feb 28 19:49:07 CET 2005

On Monday 28 February 2005 6:19 pm, Melissa Reese wrote:
> I think Neil made some interesting points about the automatic purging
> option, 

Melissa, could you put your key on a keyserver somewhere? 

> but I am very interested in a couple things the new PGP Global 
> Directory beta makes possible, which allows a key owner to not only
> remove their own keys from the keyserver,

I don't like that option - I can't see any benefit to the ordinary user who 
simply wants to check the signatures on my key. Plus the GD puts masses of 
useless signatures on your key too - my key is one of those that will never 
go on GD. It's fortunate that GD have implemented the 
non-owner-refuse-submission as this is the only way of protecting your keys 
from their signature attacks.

> but also to decide whether 
> or not their keys are uploaded to the keyserver in the first place.

IMHO, anyone who signs emails to a public mailing list should make their 
public key available with the minimum of fuss. This, to me, means putting it 
on one of the recommended keyservers, e.g.

> These are two things I've been wanting to see for a long time, and
> wouldn't mind if all the keyservers adopted these options.

All keyservers support the option to not upload your key - it's just that once 
a key is public, there's no real way of stopping it being submitted by 
someone else. Thereagain, if the key IS public, it should be on a public 
keyserver - that's my case.


Neil Williams

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050228/2c046c01/attachment.pgp

More information about the Gnupg-users mailing list