was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

Robert J. Hansen rjh at sixdemonbag.org
Wed Aug 14 21:49:31 CEST 2019

> I've often wondered why the sks software didn't require
> cross-certification.  It seems like that would solve the key poisoning
> issue.

Not enough OCaml programmers, mostly.

Strange but true: SKS has no crypto code in it anywhere.  So the moment
you say "I wonder why SKS doesn't do this thing that involves crypto,"
well, that's the answer: because it involves crypto and nobody has ever
added that capability to SKS.

More information about the Gnupg-users mailing list