keyserver spam
Johan Wevers
johanw at xs4all.nl
Fri Dec 16 17:42:59 CET 2011
On 16-12-2011 16:51, gnupg at lists.grepular.com wrote:
> I understand that once you've uploaded something to the keyservers, it
> can't be removed. Eg, if I sign someone elses key and upload that, it
> will be attached to their key permanently?
Yes. Of course, you can remove it locally.
> What if someone were to generate say, 10,000 keypairs with "offensive"
> uid names, and then sign my key with each of them, and then upload that
> to the keyservers?
Then you might have a problem.
> Is there anything to stop that?
Not really.
> Has anything like this happened before?
The only thing that comes close is the keyserver at (I believe) pgp.com,
who issues a new signature every few months clogging your key with
expired signatures.
--
Met vriendelijke groet,
Johan Wevers
More information about the Gnupg-users
mailing list