Preventing public key upload to key-servers
jonkomer at yandex.com
Fri Jan 28 21:02:03 CET 2022
> A. G. via <gnupg-users at gnupg.org>:
> The short answer is "no", or at best "not yet"...
Thank you very much for the response and comprehensive
In this case, the mail domain owner is actually the one
that needs this level of control: he insists on the ability
to positively respond to individual e-mail users' GDPR
"forget me" requests.
He is running an in-house mail server, and would like to
direct "members" to use OpenGP encrypted mail for all
member-to-member communication, and encourage the same
for members' "general" e-mail correspondence. To this
end it is desirable to give the users the option to
create "personalized" mail account addresses (i.e.,
<john.doe at example.org>) and include their first/last
name in the public key.
Domain owner intends to operate a "members only" public key
dissemination and fingerprint verification mechanism. When
the user is removed from the "membership", (either by the
domain owner action or by his or her own request), the mail
address (and any/all other personal data) is deleted and
promptly removed from the publicly exposed Internet domain
In order to use OpenPG encrypted mail with the correspondents
on other domains, the user must attach his public key to an
outgoing message as the domain owner does not serve keys to
the general Internet population. However, while the user/key
is active, and with the user's permission, anybody in the
possession of the public key can verify the fingerprint using
the the same mechanism as is provided to the members.
After the user removal the domain owner is ipso facto
GDPR compliant. However, he would prefer that a naive user
(rightly or not) does not consider him unresponsive, and both
sides have some interest in preventing any Internet server
from keeping an active and publicly exposed user's name
and (now defunct) e-mail-address, thus indiscriminately
advertising forever the fact that John Doe was at some point
in time a member of Example.org.
How do individual key-server owner/operators react to
formal GDPR "forget me" requests; either by e-mail users, or
by mail domain owners? Any known legal precedents?
More information about the Gnupg-users