a step in the right direction

[Andrew Gallagher]

On 16/01/18 10:57, Stefan Claas wrote:
> And do people always look into blockchain data, when using their wallet to
> do transactions? With public WWW key servers it is imho different.

This is an important distinction.

Ordinary users should not be browsing the raw data. They should be using
tools such as Enigmail that filter out unverified data from their
default views. Sure, if you want to go looking for all the junk
signatures on people's keys you can, but it shouldn't be displayed as a
matter of course.

Now, for various reasons a lot of us on this list have spent far too
much of our lives looking at the raw keyserver data. And similarly, I
have no doubt that a lot of early Bitcoin adopters have looked at the
raw blockchain data.

So we have to distinguish between what is available if one is
sufficiently motivated to go and look, and what is shown to the majority
of users. The vandalism problem is solved by clients not displaying
unverified content. Whereas the "nightmare scenario" happens entirely
out of view of the average user, but has more serious consequences.
Let's not mix them up.

-- 
Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180116/add23364/attachment.sig>