useless test keys and keyservers

Greg Sabino Mullane greg at
Tue Mar 1 00:55:41 CET 2005

Hash: SHA1

> IMHO, anyone who signs emails to a public mailing list should make
> their public key available with the minimum of fuss. This, to me,
> means putting it on one of the recommended keyservers,

Or simply putting a URL to a webpage with their key in the headers
or the sig. (which allows them to give you their preferred copy
of their key)

> All keyservers support the option to not upload your key - it's just
> that once a key is public, there's no real way of stopping it being
> submitted by someone else. Thereagain, if the key IS public, it should
> be on a public keyserver - that's my case.

How about, if the key IS public, it should be made publically available.
Right now, the main option for doing so is the keyservers, which unfortunately
have the flaw that anyone can make changes to anyone else's public key.
That's why some people prefer a self-controlled web page.

- --
Greg Sabino Mullane greg at
PGP Key: 0x14964AC8 200502281856



More information about the Gnupg-users mailing list