Remove public key from keyserver

Kristian Fiskerstrand kristian.fiskerstrand at
Tue Jan 16 22:41:01 CET 2018

On 01/16/2018 11:40 AM, Stefan Claas wrote:
> Am 16.01.2018 um 11:12 schrieb Kristian Fiskerstrand:
>> On 01/15/2018 09:23 PM, Stefan Claas wrote:
>>> No? I for one would like to be sure that i am the only person who
>>> can upload my public key to a key server directory.
>> This seems to be based on a misconception whereby you're attributing
>> properties of a certificate authority to the keyservers. OpenPGP already
>> has a method for certification from CAs, and that is by providing a
>> signature on the appropriate UID on the public keyblock. As long as the
>> signature is propagated on the keyserver network, these roles can be
>> appropriately isolated and the decision of whether or not to trust a
>> specific CA is left to the user performing the trust calculation,
>> incidentally also allowing for signatures from multiple CAs.
> I'm not sure what you are talking about, a language barrier from my
> side,sorry.
> The CA in Germany (Governikus) i have used sends me my certified key
> back to my
> email address and does not publish my pub key on key servers.

I'm not sure how to put it more clearly, but this seems to bring the
discussion into very specific territory. OpenPGP as a specification
handles this nicely, and whether a CA signature is published publicly or
not doesn't change the modus operandus.

Kristian Fiskerstrand
Twitter: @krifisk
Public OpenPGP keyblock at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
"The best way to predict the future is to invent it"
(Alan Kay)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list