Tor and keyservers

Peter Lebbing peter at
Wed Feb 24 21:55:58 CET 2016

On 24/02/16 21:41, Lachlan Gunn wrote:
> The idea is to see whether we can make something with security between the
> WoT and "download a random key and see what happens" that doesn't require
> user intervention.  Whether this would be too burdensome remains to be seen.

Thanks for the explanation. Good luck! Post-Snowden, you sure see a lot of
people trying to reduce the burden of key verification... But some ideas are
better thought out than others. A lot of misconceptions out there, it seems.

> despite the lack of what I guess you might term biometric authentication.

Personally, I stay far from actual biometric authentication. I can't revoke my
eyes... and biometric scanners that aren't easily fooled are insanely expensive.
Watch out with that logical implication there: some insanely expensive biometric
scanners can be easily fooled :).

It's interesting you're using "biometric" as a qualifier implying something
"good". I wouldn't agree.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list