Remove public key from keyserver

Stefan Claas stefan.claas at posteo.de
Tue Jan 16 16:34:57 CET 2018


On Tue, 16 Jan 2018 08:52:44 +0100, Werner Koch wrote:

> I wonder why you seem to suggest the US based keybase.io as a better
> solution.  After all keybase.io is a service which connects private
> data to private data of other sites and that all in the public.  I
> would consider this a real privacy problem compared to a public mail
> address on a keyserver with no other associated private data.

(Sorry for the late reply, I did not see this message this morning.)

Well, it is up to the user what he / she publishes on keybase.io besides
the public key. He / she is not forced to provide any identity via other
web sites etc. Doing this is a method they have implemented as sort
of another way of a web of trust, so to speak.

Why do I prefer keybase.io over the old key server system? Because
I am in control of my public key there, so that nobody can do funny
things with my key, like it is possible with the old key servers. If
people would like to sign my key they would have to provide me
my signed key so that I can upload it to keybase and not like the
other way the old key servers let people do, without my approval
first.

> The mail address is a technical necessity to send mail; mapping the
> mail address to a key is a technical necessity to send encrypted
> mail.  So what keyservers do is to provide a directory of public keys
> - in the same way as white pages of the phone systems.  Nobody
> requires you to enter your phone number / public key into a
> directory.  But if you want to receive phone calls / encrypted mails
> you need to somehow publish this data.  You can't remove your name
> from white pages either - they used to be printed in sometimes
> millions of copies.

Understood, but what speaks against a (syncing) public key server
system like the old pgp.com key server was, compared to the regular
key servers, which don't allow deletion of a key, by the owner and if
I remember correctly also only upload by the owner?

As it is of now with SKS and Co. I think in 2018 such a key server
model does not help for a clean database, which everybody can
look up, nor does it help users to protect their keys nor deleting
their keys, in case they like to do so.

Regards
Stefan


-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas



More information about the Gnupg-users mailing list