key question

Yawar Amin yawar.amin at gmail.com
Fri Feb 26 02:29:30 CET 2010


On 2/25/10 1:04 PM, John Clizbe said:
> MFPA wrote:
>   
>> On Thursday 25 February 2010 at 3:53:23 AM, in
>> <mid:4B85F433.1040405 at Mozilla-Enigmail.org>, John Clizbe wrote:
>>     
>>> MFPA wrote:
>>>       
>>>> Hi John
>>>>         
>>>> On Thursday 25 February 2010 at 12:17:36 AM, you wrote:
>>>>         
>>>>> It is also a good idea to send your key to the keyservers.
>>>>>           
>>>> But is, of course, a matter of personal choice.
>>>>         
>>> Whatever. Everything in life is a matter of personal choice.
>>>       
>>> Was there some point you wished to make?
>>>       
>> My point was that not everybody wishes/chooses to send their keys to
>> the keyservers.
>>     
>
> Then you need not send your key to the keyserver network. Pretty simple personal
> choice, huh? Don't want to? Don't do it.
>
> Whether one chooses to send his key to the keyservers or not, it is still a good
> idea and in the interest of the OpenPGP community to utilize the keyservers.
> *Public* key encryption is fostered by the *public* dissemination of keys and
> the keyservers are, IMO, the best mechanism for that. I stand by my earlier
>   

I interpret that word, public, differently. To me just because a key
_can_ be made public doesn't mean it automatically _should_.

> statement.
>
>   
>> Some people hate the idea and get *very* upset if their key does end
>> up on the servers.
>>     
>
> Ohhhhhhhhhhhhhhh... I see. Do they take their ball and go home? Do they jump up
> and down? Stomp their feet? Hold their breath until they turn blue? Do they
> forward private email to a public list?
>   

They may have reason--by looking at signatures on a public keyserver,
anyone can figure out which people you communicate with securely. How
would you like the idea of governments worldwide starting to keep tabs
on you if one of the people who've signed your key turns out to be a
criminal, a terror suspect, or a child porn collector?

Uploading a signed public key to the 'net is a sure way of taking away
people's freedom to keep their associations private. They may choose to
give that up for themselves, but you shouldn't slam them for keeping
their options open.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100225/af7c7d9b/attachment.pgp>


More information about the Gnupg-users mailing list