Garbled data in keyservers
stefan.claas at posteo.de
Sun Dec 9 19:38:31 CET 2018
On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> On December 9, 2018 7:54:01 AM EST, Stefan Claas
> <stefan.claas at posteo.de> wrote::
> >Get a sig from a CA and then upload your key via email.
> That's a bit steep, and was never the original goal of PGP or GPG.
No, in 2018 i think it is not. CA's can be run by non-profit
organizations like EFF etc., which i believe a lot of people trust.
Then don't forget all the worldwide assurers from CAcert.org.
> If the goal is to eliminate the bulk of bad keys and junk from key
> servers, an account creation with basic email verification for adding
> or removing keys should suffice.
I don't think so. Create an anon account at ProtonMail via Tor for
example and then do "funny stuff" with those keys.
More information about the Gnupg-users