useless test keys and keyservers
Stewart V. Wright
swright at physics.adelaide.edu.au
Tue Mar 1 02:51:57 CET 2005
G'day Entity-that-is-possibly-Melissa,
* Melissa Reese <mreese at calarts.edu> [050228 18:54]:
> I'll be looking into getting a web page set up for my keys, but for
> now, I distribute them via email auto-responder. Just click on the
> mailto in my signature, and send the resulting email message. An
> auto-reply with the keys will be sent immediately.
IMHO this is a pain. Some (most?) of us on this list don't use "click"
type mailers. So for me to get your key I need to unmangle the mailto,
workout what subject line I need to use and then finally send it off.
Guess how much motivation I have for doing that? I'd never bothered
even reading your signature so I never would have found out the
instructions were there...
Key servers were set up so people didn't have to to something like
you have done. Heck, if you have the power to set up an email account
that is an auto-responder, just have it auto-respond to any email, don't
make us have to send both a subject _and_ and message body. I think
that we will make the spread and use of OpenPGP grow by making it
easier, not harder for people to verify signatures.
> And this is why I prefer to distribute my own keys. For the moment,
> via email, and when I can finally get it together, on a web page.
So do you only envisage using your key to sign messages? If you want to
use the encryption part then it becomes silly to have your philosophy.
Take as an example someone, who wants to send you an message that your
ISP isn't to read. This person would now have to mail you to get the
key - thereby revealing to anyone who was listening in to your
communications that entity controlling email address XYZ is interested
in talking to you privately. Then you can get asked questions like "Why
does <competition ISP> want to to talk to you?".
Just a thought,
S.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 274 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050228/752967bd/attachment.pgp
More information about the Gnupg-users
mailing list