The never-ending GD discussion, part 74 (was Re: Delete key from
keyserver)
Doug Barton
dougb at dougbarton.net
Sun Oct 23 21:41:45 CEST 2005
David Shaw wrote:
> On Sun, Oct 23, 2005 at 05:16:43PM +0100, Bob Henson wrote:
>>That's not the only reason though. The PGP Global Keyserver is dangerous, as
>>well as a nuisance, for a number of reasons. As it only shows one key on a
>>search for a users name, it might cause people to miss a revoked key and
>>continue using it.
>
>
> This is a misunderstanding about the Global Directory. It does not,
> is not designed to, and should not give more than one key for a given
> email address.
He didn't say e-mail address, he said name. :) I just checked this for
myself, and if I type in "Doug Barton" I get the key that is tied to this
e-mail address, but not the other key that I have uploaded to that server.
This actually explains a common complaint that I hear from PGP users about
not being able to find that other key. So, this turns out to be very useful
information, as I now know to tell them to search for my other key by e-mail
address (which works, btw).
I can see a lot of value in the model you described David, and I agree that
at least having a key where the e-mail address has been verified, on a
server where users actually have the ability to remove keys, is a good
thing. On the other hand, I can see that every other "Doug Barton" in the
world is at a significant disadvantage here, since I got there first. :)
hth,
Doug
--
If you're never wrong, you're not trying hard enough
More information about the Gnupg-users
mailing list