German ct magazine postulates death of pgp encryption
patrick at enigmail.net
Sun Mar 1 17:21:22 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 01.03.15 16:38, Kristian Fiskerstrand wrote:
>>> In general I believe this to be an insufficient form of
>>> identification that really doesn't provide much of anything
>>> useful, but at least the PGP keyserver does it reasonably sane
>>> in its methodology by creating a signature from their CA on
>>> the key. Whether you put any merit to having such a CA
>>> signature or not is left up to the user (excluding for now the
>>> "fun" related to the spammy number of signatures from it)
>> Yes, I know. The re-confirmation every few months together with
>> re-signing the keys is among the things I dislike about
>> keyserver.pgp.com. But in general, I think that keyservers need
>> to go in that direction if we want to enable easy use of OpenPGP
>> in email (which requires in some way or another to download
>> missing keys automatically).
> You wouldn't need the keyservers to be involved in this at all.
> Anyone could set up such a mail verification CA outside of the
> keyserver network.
Perfectly correct, yes. This is exactly what I'm proposing. I believe
that the current keyserver network cannot do this. I just don't have
the time to (also) work on this...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Gnupg-users