Difficulty of fixing reconciliation
Jason Harris
jharris at widomaker.com
Thu Aug 15 06:02:41 CEST 2019
> On Aug 14, 2019, at 6:32 PM, MFPA via Gnupg-users <gnupg-users at gnupg.org> wrote:
> On Wednesday 14 August 2019 at 10:39:56 AM, in
> <mid:33b6296c-8619-dab1-d83d-d67b9d5cba2f at tana.it>, Alessandro Vesely
> via Gnupg-users wrote:-
>
>> I'm no expert, but it seems to me that 3rd party
>> signatures should not
>> be allowed.
>
> Perhaps a "keyserver no-third-party-signatures" option would resolve
> this. Unlike "keyserver no-modify", honouring it would not require a
> keyserver to undertake any cryptographic checking.
No, then the “attack” just changes to making the issuing keyid = the keyid being attacked, so everything looks like a selfsig...
But at least then we will want to add cryptography to see which selfsigs are truly legitimate, right?
Sent from my iPad
More information about the Gnupg-users
mailing list