Don't send encrypted messages to random users

Phil Pennock gnupg-users at
Wed May 31 03:34:04 CEST 2017

On 2017-05-29 at 18:58 +0000, listo factor via Gnupg-users wrote:
> This I find surprising: if one does not want receiving
> encrypted messages from those that he does not have
> existing relationship with, why does he publish his
> public key on public keyservers?

(1) Who says they published it?  If person A has a PGP key and shares it
    with a group of people, anyone in that group can upload it to the
    keyservers.  The keyservers are a _swamp_.  Smelly and polluted.
    Still useful (I run one and help others) but presence of data in the
    keyservers means very little.

(2) I sign software releases of security-sensitive code (Exim,
    sieve-connect, etc); lots of people need to be able to validate the
    signatures upon that code.  I'm quite proud of Exim's history of
    making sure that signatures upon releases can be verified, with keys
    in the Strong Set, etc.

(3) If I publish just signing subkeys, not encryption subkeys, but
    someone uses finger(1) to get the full key and uploads it to the
    keyservers, then inconsistent old data is present if I don't then
    keep the keyserver data at least "current".

(4) Very occasionally I receive security reports of potential issues
    relating to Exim, or mail other people and want them to be able to
    reply encrypted.  Having the encryption key present allows
    encryption to take place.  This does not mean that I'm willing to be
    Everyone's Test Oracle That Things Work When They Learn.  There are
    seven billion people on the planet but I have little interest in
    being the unpaid test subject for most of those people.  I am
    interested in the one or two encrypted messages I get per year from
    strangers which are actually sensitive and where it benefits _me_ to
    decrypt it.

(5) If talking encrypted requires work from person A and person B, then
    talking encrypted had better benefit both person A and person B.  If
    person A benefits but person B doesn't but person B isn't given any
    choice in the matter, this becomes a tax drain on time and resources
    and a sense of entitlement from A that they're some special
    snowflake who should be able to demand free time and attention from
    anyone on the Internet that they feel like pestering does not make
    it right for them to do so.

If I need to talk to someone in person at a party and they don't know
me, I might go up, cough discreetly, wait for them to acknowledge and
ask me what's up, then chat and see how things go from there.  I don't
go up and interrupt what they're doing and shout in their face that they
must drop everything and help me out Right Now.  Not unless lives are on
the line and to date, I've been fortunate that they never have been.

It's called good manners.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 996 bytes
Desc: Digital signature
URL: </pipermail/attachments/20170530/1858cb9c/attachment.sig>

More information about the Gnupg-users mailing list