Exposing email addresses on key servers

Joseph Oreste Bruni jbruni at me.com
Tue Jun 30 05:01:45 CEST 2009

On Jun 28, 2009, at 8:34 PM, Jesse Cheung wrote:

> Since I still feel totally green in this area I am still listening to
> opinions on the list and haven't pushed my key yet :P

Hi Jesse,

There is no rule that says you must upload your key to a keyserver. If  
you are concerned that others might find your email address, then  
simply don't upload your key. If you then want someone to have your  
PGP key, you simply exchange it some other way (e.g. email, web page,  
memory stick).

Keyservers make it convenient to locate others' keys by searching on  
key ID or email addresses.

FWIW, I have had my PGP key in circulating in keyservers since 1997.  
Only my yahoo.com address gets buried in spam but that address has  
never appeared in my PGP key. Instead, I have used that address for  
registering at sites that require email addresses for access to  
content, such as New York Times. That address gets hundreds of spams a  


More information about the Gnupg-users mailing list