key question

[MFPA]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi Robert


On Thursday 25 February 2010 at 8:23:30 PM, you wrote:


> On 2/25/10 9:24 AM, MFPA wrote:
>> Some people hate the idea and get *very* upset if their key does end
>> up on the servers.

> What you're advocating here is "DRM on the honor system."  Don't copy
> the key, don't distribute the key, don't upload the key, don't do
> anything with the key, without the explicit permission of the key owner.

I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).

Uploading a somebody else's key without first checking it is OK by
them is a breach of their privacy and could well be illegal/unlawful
in jurisdictions with data protection legislation (for example, if a
company published a customer's key, showing their name and/or email
address, to a server).



> Me, I consider DRM on the honor system to be the exact same as any other
> kind of DRM -- something to be overcome and then ignored.

> If someone asks me nicely, "please do not upload this key," I will
> probably say yes.  But it is a *huge* leap to go from there to "do not
> upload keys without the owners' permission."

I don't see the connection between DRM and a perfectly proper respect
for individual privacy.

The majority of keys contain an email address in the UID. To me, it is
no more acceptable to publish somebody's email address without their
permission than it would be to publish their phone number or postal
address.


- --
Best regards

MFPA                    mailto:expires2010 at ymail.com

Volvo, Video, Velcro. (I came, I saw, I stuck around.)
-----BEGIN PGP SIGNATURE-----

iQCVAwUBS4gHNqipC46tDG5pAQqgsgP+K7G1M6RmXqor4VPOJVvOylvg1nxgVsBe
O8+MJwjFmOxRYPtQksZjbpeFXWdiN3CgurSfEpVZVevdBIwPgi4fkT1tghtu8YVp
s5fHKhWhQlbQ5JRgew3O/PjahVqTPVxIiBFTUdOG9IT4TcuAVpUHPgGbEUXrH29T
9T2o1+4L6Vo=
=OS5L
-----END PGP SIGNATURE-----