Proposal of OpenPGP Email Validation

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Wed Jul 29 02:03:53 CEST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 28 July 2015 at 11:46:10 PM, in
<mid:87vbd3nbnx.wl-neal at walfield.org>, Neal H. Walfield wrote:


> At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
>> It also eliminates any attempt to to establish a link
>> between the key and the email address in the UID.

> I'm not so sure.  Recall that we are not attempting to
> protect against attacks by nation states.  As such,
> performing a week of computation each year is going to
> be too much to maintain for those who upload fake keys.

And too much for people with multiple email addresses.



> Moreover, this will automatically purge old keys (or at
> least rank them very low in search results).  In other
> words, only people who actually use a given key will
> bother performing the work.

If the search results were returned in order of PoW date, newest
first, that would be great. Are they currently sorted at all, or
simply returned in the order in which they are found?

This still seems less rigorous to me than having to receive an email
sent to that address and decrypt it with that key. I guess it's a case
of swings and roundabouts.




- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

There is no snooze button for a cat that wants breakfast
-----BEGIN PGP SIGNATURE-----

iQF8BAEBCgBmBQJVuBh1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw31EH/2pRMlByL/KlNaIWBL7HYmUV
thLGzhoiTjMCM3aWpGEsRtCXGiUbykPl16dL8A7siSHH6kSIklOpYUviRSp09M6o
GhRRGQcqQ/1xWcQRdb64q6QHHCCQSHDWUk1o1uiGG0BUmKf7lhB25LifCVCLNZ4L
1tYAZJdylNrwTAYRZlZqesirhJi0f9r40dmMR87wye4eInQBLkqeB++BmAqM6V00
KzdmRf7acR9pD3Hz0lyHkFGRqm3PY5lIRqad3XhsQ7Ln5BQyVNrsnN//7/lUXFPD
NKQmWXlF+MKl3t7s5BSkt0yLtJCujrzh6AdUZoyYjITCuF7TiS0G4076LxW3POWI
vgQBFgoAZgUCVbgYe18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45G4sAP9whBfAE5Vg0aO3J9u1vIxTOJr0
d6PmgM2WntglbHyLGQEA00g7R8WvHgZIuaYrqZm/ndRW8C7RZNguQvyDFbxa4Qc=
=ogbj
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list