Proposal of OpenPGP Email Validation
2014-667rhzu3dc-lists-groups at riseup.net
Wed Jul 29 02:03:53 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 28 July 2015 at 11:46:10 PM, in
<mid:87vbd3nbnx.wl-neal at walfield.org>, Neal H. Walfield wrote:
> At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
>> It also eliminates any attempt to to establish a link
>> between the key and the email address in the UID.
> I'm not so sure. Recall that we are not attempting to
> protect against attacks by nation states. As such,
> performing a week of computation each year is going to
> be too much to maintain for those who upload fake keys.
And too much for people with multiple email addresses.
> Moreover, this will automatically purge old keys (or at
> least rank them very low in search results). In other
> words, only people who actually use a given key will
> bother performing the work.
If the search results were returned in order of PoW date, newest
first, that would be great. Are they currently sorted at all, or
simply returned in the order in which they are found?
This still seems less rigorous to me than having to receive an email
sent to that address and decrypt it with that key. I guess it's a case
of swings and roundabouts.
MFPA <mailto:2014-667rhzu3dc-lists-groups at riseup.net>
There is no snooze button for a cat that wants breakfast
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users