key question

MFPA expires2010 at
Fri Feb 26 18:38:52 CET 2010

Hash: SHA512

Hi Robert

On Thursday 25 February 2010 at 8:23:30 PM, you wrote:

> On 2/25/10 9:24 AM, MFPA wrote:
>> Some people hate the idea and get *very* upset if their key does end
>> up on the servers.

> What you're advocating here is "DRM on the honor system."  Don't copy
> the key, don't distribute the key, don't upload the key, don't do
> anything with the key, without the explicit permission of the key owner.

I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).

Uploading a somebody else's key without first checking it is OK by
them is a breach of their privacy and could well be illegal/unlawful
in jurisdictions with data protection legislation (for example, if a
company published a customer's key, showing their name and/or email
address, to a server).

> Me, I consider DRM on the honor system to be the exact same as any other
> kind of DRM -- something to be overcome and then ignored.

> If someone asks me nicely, "please do not upload this key," I will
> probably say yes.  But it is a *huge* leap to go from there to "do not
> upload keys without the owners' permission."

I don't see the connection between DRM and a perfectly proper respect
for individual privacy.

The majority of keys contain an email address in the UID. To me, it is
no more acceptable to publish somebody's email address without their
permission than it would be to publish their phone number or postal

- --
Best regards

MFPA                    mailto:expires2010 at

Volvo, Video, Velcro. (I came, I saw, I stuck around.)


More information about the Gnupg-users mailing list