explain nrsign & lsign?

David Shaw dshaw at jabberwocky.com
Thu Feb 1 22:39:34 CET 2007

On Thu, Feb 01, 2007 at 09:43:52AM -0800, Randy Burns wrote:

> > > OTOH, addresses taken from the addressbook as available on the host
> > > (== zombie Windows PC) are much more effective than harvesting the web
> > > or kyeservers. These local addresses are more certain to actually be
> > > used and even better: the recipient of the spam knows the sender.
> > 
> > Indeed.  It is also possible that the keyservers aren't being targeted
> > specifically as keyservers, but rather that people have links to
> > keyserver searches out there, and the spammers are just using a
> > crawler that happens to follow that link.  Some keyservers don't
> > obfuscate their search results.
> Something to think about when organizing a keysigning too. Avoid putting a
> participant list on a webpage. Just a keyring maybe.

Good point.  I like the service that biglumber provides for
keysignings.  It nicely automates a lot of the bookkeeping, tracks the
participant list, etc.  It also makes the information spam-unfriendly.


More information about the Gnupg-users mailing list