German ct magazine postulates death of pgp encryption
mirimir at riseup.net
Sat Feb 28 02:19:52 CET 2015
On 02/27/2015 01:12 PM, Andreas Schwier wrote:
> So what exactly is the purpose of the keyserver then ? If you expect me
> to still verify fingerprints out of band, why would I grab a - probably
> bogus key - from a keyserver first place ? I could immediately ask my
> peer to send it by mail.
I find keyservers most useful when I receive a signed (and typically
encrypted) email from someone whose public key I don't have. Enigmail
reports an untrusted signature. So I hit Details, and accept its offer
to get the requisite key from (by default) <pool.sks-keyservers.net>.
If I need the public key of someone new, I first look on <keybase.io>.
If it's not there, or on their website or blog, I typically just request
it by email.
More information about the Gnupg-users