Bogus Key on Keyservers
dshaw at jabberwocky.com
Thu Oct 13 23:13:41 CEST 2005
On Thu, Oct 13, 2005 at 01:26:15PM -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?
If you use the PGP global directory (ldap://keyserver.pgp.com) as your
keyserver, you can, since it checks the email address by sending mail
On other keyservers, you can't do this. This is what the web of trust
is for; your real key would have signatures proving that it is yours.
More information about the Gnupg-users