keyserver spam

MFPA expires2011 at
Sat Dec 17 16:55:05 CET 2011

Hash: SHA512


On Friday 16 December 2011 at 5:50:53 PM, in
<mid:4EEB84FD.9020408 at>, Daniel Kahn Gillmor wrote:

> well, there's the JBARSE key, which i vaguely recall
> having been created in a joking way to threaten
> character assassination, but i can't find any keys that
> it has actually signed, nor any documentation to
> explain why i have this recollection, so please take
> with a grain of salt.

A couple of years ago, somebody who had joined PGPNET started
a discussion about having a PGPNET signing key to sign the keys of all
the members, IIRC. He was adamant this was necessary and there was a
quite acrimonious discussion. Basically, nobody else wanted it, so he
left the group, created his own "PGPNET Signing Key," signed all the
members' keys with it, and uploaded them to a keyserver. Quite a few
of those keys had not previously been on the servers because not
everybody wants their keys on the servers. Shortly afterwards, the
"JBARSE" signature appeared on the rogue "PGPNET Signing Key." Which
means all those keys now bear a signature from a key that is itself
signed by a key with the UID of "Jane's bondage and rubberwear sex
emporium <JBARSE>"

- --
Best regards

MFPA                    mailto:expires2011 at

There is no job so simple that it cannot be done wrong


More information about the Gnupg-users mailing list