Garbled data in keyservers

Stefan Claas stefan.claas at
Wed Dec 5 17:34:18 CET 2018

On Wed, 05 Dec 2018 13:28:50 +0100, Werner Koch wrote:

> A better way of using keyservers would be to entire disable their
> search by name or mail address capabilities.  Not only in the web
> interface but also in their API.  Of course that will be a radical
> change but I consider it better for security: 

Can you give more details about the security aspect?

Currently users can still search sks key servers by names, with
Lynx... :-) As understood key server operators can still give a whole
dump to 3rd parties, which like to analyze the data, or third parties
run their own key server and analyze the data. So what purpose should
your suggestion serve?

If you are talking about GDPR issues, those keys server operators
are not "licensed" by governmental institutions and run their servers
according to some strict regulations.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: Digitale Signatur von OpenPGP
URL: <>

More information about the Gnupg-users mailing list