lsign produces exportable signatures when used for self-sigs

Nicholas Cole nicholas.cole at gmail.com
Fri Sep 13 17:35:00 CEST 2013


On Fri, Sep 13, 2013 at 3:42 PM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
> On 09/13/2013 09:49 AM, Peter Lebbing wrote:
>> On 2013-09-13 14:24, Nicholas Cole wrote:
>>> The correct way would be to have keyservers
>>> honour the no-modify flag, or perhaps have some notation on the ID
>>> that prevents uploading to a public keyserver.  I myself would favour
>>> the latter approach.
>>
>> The latter has the same problem as the no-modify flag: it can be
>> subverted by someone as long as the keyservers do not do crypto.
>
> yes, pretty much anything can be published as long as the keyservers do
> not do crypto.  That's something that the keyservers need to fix, as it
> would prevent other problems as well.
>
> In the meantime, we can produce certifications that won't be
> misinterpreted by the keyservers as they currently exist, and can be
> validated by any future keyservers that do proper cryptographic checks.

Well. Why not trust your circle of contacts (because anyone using this
scheme must be in a small circle) not to upload the keys to
keyservers?

Perhaps if there is enough demand gpg could even have a "Never send
these keys to keyservers" option in the config file, taking a list of
fingerprints.

Just a thought.  I'm against doing something that goes against the
standard when there are other ways to achieve it.

N.



More information about the Gnupg-users mailing list