key question

David Shaw dshaw at jabberwocky.com
Mon Mar 1 01:55:13 CET 2010


On Feb 27, 2010, at 3:23 PM, Robert J. Hansen wrote:

>> I agree that "generally speaking, it's a good idea to put keys on the keyservers".  I don't know if that makes it conventional wisdom, or who the arbiter of such wisdom might be, but clearly a very common use of OpenPGP is for encrypted mail.
> 
> I likewise have suspicions and doubts about conventional wisdom.  (You could just as easily say, "conventional wisdom is that you can tell a lot about someone by the signatures on their key" -- I can see an argument being made for that being conventional wisdom.  It's *wrong*, but that doesn't keep it from being conventional wisdom.)

You can certainly tell a lot about someone by the signatures on their key.  Either directly from the signature or because those signatures point to other keys that have their own signatures, etc.  With your permission, may I see what I can find from the signatures on your key D6B98E10?  I will of course never post it here or anywhere without your permission.  I will send it only to you, off-list.  I'm not trying to be evil - just demonstrating that you can derive a lot from signatures on a key.  If you do not want me to look, I won't.

David




More information about the Gnupg-users mailing list