Preventing public key upload to key-servers

Andrew Gallagher andrewg at andrewg.com
Fri Jan 28 15:51:49 CET 2022


On 26/01/2022 22:03, jonkomer via Gnupg-users wrote:
> Is there anything that a public key owner can do, to actually
> *ensure* that, if some careless or malicious correspondent
> ignores the comment ("Please do not upload...") and attempts
> to upload his or her (otherwise fully functional) public key
> to the key-server(s), the key upload is rejected?

The short answer is "no", or at best "not yet".

There is a "keyserver preferences/no-modify" flag defined in RFC 4880:

```
0x80 | No-modify | The key holder requests that this key only be
modified or updated by the key holder or an administrator of the key server.
```

But this is technically fraught. Most keyservers just ignore this flag,
while keys.openpgp.org effectively assumes that it is always set, but
even then doesn't behave exactly as the spec implies.

keys.openpgp.org will not publish the userID of a key until the key's
purported owner performs an email-based verification, and won't serve
third-party sigs at all. It will however serve the non-userID components
(by fingerprint search) no matter who uploaded it.

Synchronising keyservers don't perform the verification step, due to
conceptual incompatibilities between the (universal) sync model and
(subjective) verification, and so the full key material will be made
available regardless of who uploads it.

There was a proposal in the old rfc4880bis draft that the "no-modify"
flag should specifically prevent distribution of non-attested
third-party sigs, but this would still not affect distribution of the
userIDs and self-sigs, and has not been replicated in the new
crypto-refresh draft. It is also quite likely that once sig attestations
become commonplace, keyservers will stop distributing non-attested
third-party sigs regardless of whether a key owner sets this flag.

Note also that a domain administrator can publish the key of any email
address in the domain via WKD, and this is effectively equivalent to
publishing it on a keyserver.

A
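
As an added illustration (not part of the list thread, and not GnuPG or keyserver code), here is a small Python parser for the signature subpacket area of an OpenPGP self-signature. It locates the Key Server Preferences subpacket (type 23, RFC 4880 section 5.2.3.17) and reports whether the 0x80 no-modify bit is set, and it handles the three subpacket length encodings and the critical bit from section 5.2.3.1. The sample subpacket bytes are constructed for this example. It makes the point above concrete: the flag is one bit inside data that the key owner signs, and a keyserver that has parsed it is still free to ignore it, so it can only ever be a request.

```python
"""Inspect the OpenPGP Key Server Preferences subpacket (RFC 4880, 5.2.3.17).

Added example, not from the mailing-list post. Sample bytes are constructed.
"""
from dataclasses import dataclass
from typing import Iterator, List

KEY_SERVER_PREFERENCES = 23  # subpacket type, RFC 4880 section 5.2.3.1
NO_MODIFY = 0x80             # first flag octet, RFC 4880 section 5.2.3.17


@dataclass
class Subpacket:
    type: int        # subpacket type with the critical bit stripped
    critical: bool   # high bit of the type octet
    body: bytes      # subpacket body, type octet excluded


def parse_subpackets(area: bytes) -> Iterator[Subpacket]:
    """Walk a (hashed or unhashed) signature subpacket area.

    Length encoding per RFC 4880 5.2.3.1: one octet below 192, two octets
    for 192..16319, five octets (0xFF + 4) otherwise. The length counts the
    type octet but not the length field itself.
    """
    i, n = 0, len(area)
    while i < n:
        first = area[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255:
            if i + 2 > n:
                raise ValueError("truncated two-octet subpacket length")
            length = ((first - 192) << 8) + area[i + 1] + 192
            i += 2
        else:
            if i + 5 > n:
                raise ValueError("truncated five-octet subpacket length")
            length = int.from_bytes(area[i + 1:i + 5], "big")
            i += 5
        if length == 0 or i + length > n:
            raise ValueError("subpacket runs past end of area")
        type_octet = area[i]
        body = area[i + 1:i + length]
        i += length
        yield Subpacket(type_octet & 0x7F, bool(type_octet & 0x80), body)


def no_modify_requested(area: bytes) -> bool:
    """True if a Key Server Preferences subpacket with 0x80 set is present."""
    for sp in parse_subpackets(area):
        if sp.type == KEY_SERVER_PREFERENCES and sp.body:
            return bool(sp.body[0] & NO_MODIFY)
    return False


def subpacket_types(area: bytes) -> List[int]:
    """Subpacket types in order, comparable with `gpg --list-packets` output."""
    return [sp.type for sp in parse_subpackets(area)]


# Constructed hashed subpacket areas: creation time (type 2), key flags
# (type 27), then key server preferences (type 23) with and without 0x80.
_COMMON = bytes([0x05, 0x02, 0x61, 0xF4, 0x00, 0x00]) + bytes([0x02, 0x1B, 0x03])
SAMPLE_NO_MODIFY = _COMMON + bytes([0x02, 0x17, 0x80])
SAMPLE_PLAIN = _COMMON + bytes([0x02, 0x17, 0x00])

if __name__ == "__main__":
    for name, area in (("with no-modify", SAMPLE_NO_MODIFY), ("without", SAMPLE_PLAIN)):
        print(f"{name}: subpackets {subpacket_types(area)}, "
              f"no-modify requested = {no_modify_requested(area)}")
    # A keyserver reads exactly this bit; nothing in the format obliges it
    # to act on it, which is why the thread calls the flag "technically fraught".
```

The parser is deliberately strict about truncated lengths, since a subpacket area normally arrives inside a signature packet whose own length bounds it; a malformed area is reported rather than silently skipped.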
