keyserver spam

Peter Lebbing peter at
Sat Dec 17 15:02:04 CET 2011

On 17/12/11 14:23, gnupg at wrote:
> I find it strange that the keyservers don't do any sort of email
> validation before accepting key submissions and that they just allow
> anyone to upload signatures for your key without verifying if you want
> to allow them first.

The key property "keyserver no-modify" is meant to allow people to specify that
only they can change the key. However, this needs crypto in the keyserver
network and the solution to some practical problems. So it currently doesn't work.

You're not the first to think about the problem, and there was even acted upon.
However, there are key pieces missing in the puzzle before it works. Keyserver
synchronization is the biggest obstacle, I believe.

In the mean time, if somebody uploads offensive and spammy signatures, be
offended by the uploader, not by the person whose key is signed.

"--edit-key clean" will remove the cruft you don't need.

"--import-options import-clean" can be useful as well.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

More information about the Gnupg-users mailing list