Proposal of OpenPGP Email Validation

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Wed Jul 29 16:13:06 CEST 2015


[Sent from my HTC, as it is not a secured device there are no cryptographic
keys on this device, meaning this message is sent without an OpenPGP
signature. In general you should *not* rely on any information sent over
such an unsecure channel, if you find any information controversial or
un-expected send a response and request a signed confirmation]
On Jul 29, 2015 4:02 PM, "MFPA" <2014-667rhzu3dc-lists-groups at riseup.net>
wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi
>
>
> On Wednesday 29 July 2015 at 1:47:35 PM, in
> <mid:55B8CB67.105 at sumptuouscapital.com>, Kristian Fiskerstrand wrote:
>
>
> > On 07/29/2015 02:41 PM, MFPA wrote:
> >> That would be good: mail clients that applied a rule
> >> to only use  validated keys would otherwise deny
> >> service when emailing somebody who is trying to keep
> >> their key off the keyservers.
>
> > Are they really the target group for this proposal?
>
> The target group for an email address validation certificate on my key
> would be people who wanted to email me.

You are still in control of that given that you can (i) opt not to click
the validation link, so other users defer back to WoT, same as today (ii)
elect not to give any ownertrust to the CA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150729/e6354595/attachment.html>


More information about the Gnupg-users mailing list