German ct magazine postulates death of pgp encryption

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Mon Mar 2 22:36:19 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 03/02/2015 12:12 PM, Kristian Fiskerstrand wrote:
> On 03/02/2015 10:16 AM, gnupgpacker wrote:
>> Hello,

Seems I inadvertently sent this message only directly without CCing
the list.

> 
> 
> ..
> 
> 
>> This procedure should be implemented in keyservers.
> 
>> No CA needed, no centralisation necessary => just verifying of 
>> existing AND proper working email addresses.
> 
> This _is_ a CA, granted with weak verification (could arguably say 
> similar to domain-validated X.509 certs), but conceptually a CA
> nonetheless. Such weak verification does not rely on being
> implemented in keyservers, and would be better off outside it.
> 
> 
>> Additional: There are a lot of old keys on keyservers not being 
>> verified in described manner.
> 
> Because they are not designed for it, nor need it.
> 
>> Those keys (or the newer, verified ones) could be marked with a 
>> short hint on keyservers to differ between verified and not 
>> verified email addresses.
> 
>> Facility of deleting own (!) keys on keyserver wanted for old 
>> (revoked, expired, test, failed...) keys.
> 
> This could open up to several attacks, in particular where keys
> have been revoked. The keyservers are add-only for a reason, and
> should remain so.
> 
> 
> 

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
"Expect the best. Prepare for the worst. Capitalize on what comes."
(Zig Ziglar)
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----


