Keyserver spam example
expires2010 at ymail.com
Fri Jun 11 18:10:54 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 10 June 2010 at 4:39:46 PM, in
<mid:201006101739.46469.mailinglisten at hauke-laging.de>, Hauke Laging
> But that is the wrong argument. The correct argument is
> about the key server share of spam in a world in which
> nearly everyone has a public key. Of course, in that
> world signatures may be used to prevent spam. So the
> problem is mainly the mean time.
Another solution would be hashing the email address in a key's
user-id, so that somebody knowing the address could find the key on
the server, but the keyserver didn't publicly list the address. I just
noticed you advocate this further on in your message (-;
> If you have an email address then you get spam. That is
> a reliable rule. But people cannot decide not to have
> an email address, that is virtually impossible.
They could always use disposable email addresses, or use a different
address for communication with each contact.
> people CAN decide not to have a public key (on key
They can also choose to publish a key but not to include their email
address in any of the user-ids. This makes the key pretty much
impossible to find without the key-id. Unfortunately it also confuses
some email clients, and has web-of-trust implications (because many
people are unwilling to sign a key that shows no email address).
MFPA mailto:expires2010 at ymail.com
Experience is the name everyone gives to their mistakes
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users