keyserver spam

gnupg at lists.grepular.com gnupg at lists.grepular.com
Fri Dec 16 16:51:34 CET 2011


I understand that once you've uploaded something to the keyservers, it
can't be removed. Eg, if I sign someone elses key and upload that, it
will be attached to their key permanently?

What if someone were to generate say, 10,000 keypairs with "offensive"
uid names, and then sign my key with each of them, and then upload that
to the keyservers? Is there anything to stop that? Is there anything to
stop a spammer generating a key with their URL in the uid name and then
signing every key they can find and uploading that to the keyservers?

Has anything like this happened before?

-- 
Mike Cardwell https://grepular.com/  https://twitter.com/mickeyc
Professional  http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu   0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 598 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20111216/d915977f/attachment.pgp>


More information about the Gnupg-users mailing list