Garbled data in keyservers

Stefan Claas stefan.claas at
Sun Dec 9 19:38:31 CET 2018

On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> On December 9, 2018 7:54:01 AM EST, Stefan Claas
> <stefan.claas at> wrote::
> >
> >Get a sig from a CA and then upload your key via email.
> >  
> That's a bit steep, and was never the original goal of PGP or GPG.

No, in 2018 i think it is not. CA's can be run by non-profit
organizations like EFF etc., which i believe a lot of people trust.

Then don't forget all the worldwide assurers from

> If the goal is to eliminate the bulk of bad keys and junk from key
> servers, an account creation with basic email verification for adding
> or removing keys should suffice.

I don't think so. Create an anon account at ProtonMail via Tor for
example and then do "funny stuff" with those keys.



More information about the Gnupg-users mailing list