allow-non-selfsigned-uid issue with key from keys.openpgp.org that contains no identity information

Werner Koch wk at gnupg.org
Thu Aug 1 21:58:56 CEST 2019


On Thu,  1 Aug 2019 09:27, gnupg-users at gnupg.org said:

> We're already in uncharted waters with the inevitable abuse of SKS, we
> need to figure out how to stabilize the ecosystem.

Most businesses do not use public keyservers at all but use their
internal PKI.

> If the PGP implementation of OpenPGP has bugs or doesn't behave well in
> the context of a minimized/stripped certificate, let's ask them to fix
> those bugs.  The bugs in how that implementation interprets data are

Good luck.  PGP is in maintenance mode and there won't be any updates.
We even had layer-8 problems back in the times when Hal was still
alive/unfrozen to get new OpenPGP features into PGP.  In particular
companies will hesitate to update their once purchased PGP.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190801/bc054eaa/attachment.sig>


More information about the Gnupg-users mailing list