Exposing email addresses on key servers

Faramir faramir.cl at gmail.com
Sun Jun 28 05:09:05 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Jesse Cheung escribió:
> Dear all,
>   I learned that public keyservers are a good way for key exchanges.
> But I am still a little concerned: after all, the UID's contain my
> email addresses so by sending my keys up I am exposing my email
> address to everybody. I'm not sure if there are spammers out there
> doing all these key queries looping over every key-id, but it sounds
> technically possible doesn't it (unless the key-id's are statistically
> _very very_ sparse)?

  Indeed, there are some spammers gathering email addresses from
keyservers, but it seems (from previous discussions about that in the
list) it is not notorious among all the other spam sources...

  You can also use a freeform UID, which contains name and comment, but
leave the email field empty.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJKRt7RAAoJEMV4f6PvczxAXwgH/29v+SDVgGlT37ih+Y4GUEJN
v515k5DBIuYn91quVFxMbyCHRBi1NatQR3S40gNZFP3882Jguuc9scQRb5KGmqWR
C1XVfqnQN8asXVQHwlOKLCH2Kai6A9rE7eAElz7UaETa/b4wjWSPrxXBtzC14vfy
wgpUw7dz9XK/K8L6ncl0wTp/VdKa6iWl4IrScHnvveC1l6NYwLMoxV5Pnw332aWb
ij1YdRkBoSkUqbs5hQ1XmF+E8oFVIA6IBxbMPE76+78kMYzi2L9UfpQn4F+MuV5f
Hqy4eo/QmtV5RtqbpVB7mofRxLk7Ylkahi7n1VcFcZtKTlnvO+/ybzGA7jQZ/PY=
=mgqP
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list