vedaal at nym.hush.com vedaal at nym.hush.com
Tue Jan 16 22:24:53 CET 2018

Robert J. Hansen rjh at sixdemonbag.org wrote on
Tue Jan 16 17:42:29 CET 2018 :
>> The mechanism to prove you are the owner of a public key is pretty much
>> in place :-). A mechanism where you can have a signed statement saying
>> "on 2018-01-16, I allow my key to show up on keyservers"

>It is theoretically and practically possible to have a keyserver that
>honors such requests, but what many people want is *enforcement*.  Not
>merely a voluntary system that's trivially circumventable, but some
>mechanism by which their public keys can be actively kept out of


It could be done automatically by the keyservers if they wanted to,
and if they made it so that *the only way* a public key can be uploaded to that keyserver
is if it were accompanied by a signed statement by that key, stating "I allow my key to show up on keyservers".

Ideally, if this could be done by gnupg by editing the key, much the same as editing an e-mail address, it would streamline the process;

i.e. something like this:

gpg --edit-key foo
Secret key is available.
[ultimate] (1). foo <foo at key.test>

gpg> --allow-keyserver-publication

gpg: This requires you to sign that you allow keyserver publication of your key, and will be added as a comment to your key.
Do you really want to do this?  Y/N

gpg: Please enter passphrase to sign

gpg: your key now has a comment "Keyserver Publication Allowed"

gpg: you may upload this key to any participating keyserver

or something along those lines, assuming that keyservers will abide by this and require this 'comment' before accepting a key 
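
The rule proposed above, written as a keyserver-side check with stock gpg. This is an added example, not part of the original post and not a GnuPG or keyserver feature. It assumes the consent arrives as a separate clearsigned file rather than as the key comment in the mock-up, and `accept_upload` is a hypothetical name.

```shell
#!/bin/sh
# Added example (not from the post): consent-gated key upload using stock gpg.
STATEMENT='I allow my key to show up on keyservers'   # wording quoted in the post

# accept_upload KEYFILE CONSENTFILE   (hypothetical helper name)
#   KEYFILE:     armored public key offered for publication
#   CONSENTFILE: clearsigned text that must equal $STATEMENT
# Returns 0 only if the consent wording is exact and the signature on it was
# made by the key in KEYFILE. Everything else is refused.
accept_upload() {
    _home=$(mktemp -d) || return 1        # throwaway keyring: holds only the upload
    (
        chmod 700 "$_home"
        # Import the candidate key; IMPORT_OK reports its primary fingerprint.
        gpg --homedir "$_home" --batch --quiet \
            --status-file "$_home/import.status" \
            --import "$1" >/dev/null 2>&1 || exit 1
        key_fpr=$(awk '$2 == "IMPORT_OK" { print $4; exit }' "$_home/import.status")
        [ -n "$key_fpr" ] || exit 1

        # Verify the clearsigned consent against that keyring, recover its text.
        gpg --homedir "$_home" --batch --quiet \
            --status-file "$_home/verify.status" \
            --output "$_home/consent.txt" \
            --decrypt "$2" >/dev/null 2>&1 || exit 1
        # The last VALIDSIG field is the signer's primary-key fingerprint.
        sig_fpr=$(awk '$2 == "VALIDSIG" { print $NF; exit }' "$_home/verify.status")

        [ "$sig_fpr" = "$key_fpr" ] || exit 1                      # other signer
        [ "$(cat "$_home/consent.txt")" = "$STATEMENT" ] || exit 1 # other wording
    )
    _rc=$?
    rm -rf "$_home"
    return "$_rc"
}
```

The check binds only servers that run it; a keyserver that skips it still accepts the same key without any consent file.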

