RFE: --update-before-use
Robert J. Hansen
rjh at sixdemonbag.org
Thu Jun 14 22:34:42 CEST 2012
> 1) If the keyserver (of whatever type) isn't reachable...
As you say, easy to solve: agreed.
> 2) Concern that enough people turning this feature on would add
> significant load to the keyserver network...
An open question and one we'd need to address: agreed.
> 3) It leaks information more than auto-key-retrieve or
> auto-key-locate does.
I'm not entirely sure this is a problem. If you're concerned about the
keyserver operator knowing that you're acquiring certificates, why would
you use that keyserver? Why not use a different keyserver instead? If
there were a single centralized keyserver, or a keyserver hierarchy
where individual nodes took marching orders from those above them, this
would be much more of a problem -- but here, the decentralized nature of
the keyserver network seems to work in our favor.
More information about the Gnupg-users
mailing list