New keyserver at keys.openpgp.org - what's your take?

Werner Koch wk at gnupg.org
Fri Jun 21 15:32:24 CEST 2019


On Fri, 21 Jun 2019 12:03, gnupg-users at gnupg.org said:

> here is a article (only in german) from Heise:

By the very same guy who showed in the past that he has no clue about
keyservers and their goals and ignored all comments gathered about this
before writing an article [1].

That new thing now is the n-th repetition of the same game: Replacing
PGP by a centralized approach, or well many centralized approaches, in
an attempt to repeat the story of S/MIME.  PGP has its strengths in the
idea of not having the one-and-only-distributor-of-all-keys and thus a
SPoFailure/Denial/Surveillance.  If we want that it is easier to go with
S/MIME.

An in-house keyserver is sometimes a good idea but a global validating
keyserver is a failed idea.  Being under the AGPL may also be
problematic because the code can't be used for in-house deployments and
the AGPL often smells a little bit like a trigger for an Open Core
business model.


Salam-Shalom,

   Werner


[1] https://werner.eifzilla.de/20150224-re-die-schlssel-falle.html

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190621/ba52f213/attachment.sig>


More information about the Gnupg-users mailing list