Should you include your email address on key server?

Werner Koch wk at gnupg.org
Tue May 13 14:13:40 CEST 2025


On Tue, 13 May 2025 03:01, Atod Bora said:
> What are the best practices and/or pros/cons of including your email
> address on the key server?  For instance now, I have not included my

Use only the mail address if you are using this for mail.  If you
like, add your name, but that is optional and not needed.  The key belongs
to your mail address and thus you need to add the mail address.  Do not
use public keyservers.  They are not useful because of DoS and the
false assumption that a key belongs to the claimed mail address.  Better
ask for a key by mail, embed the key in your signature, attach the mail
to the mail, or use the Web Key Directory.

Keyservers can only be useful for distributing revocation certificates
but in many cases this can also be done by the Web Key Directory (in
fact gpg-wks-client appends revocations of old keys to new keys).

For other use cases a mail address might not be needed.  For example 
I use this key to sign tarballs etc.  

pub   ed25519 2020-08-24 [SC] [expires: 2030-06-30]
      6DAA6E64A76D2840571B4902528897B826403ADA
uid           [  full  ] Werner Koch (dist signing 2020)

Other use cases are keys shared within a project without a corresponding
mail address.

> I was reluctant to include it because of spam harvesting, however I have

20 years ago or so I saw a few spams coming from keyserver
harvested keys.  But that is too rare to care about.  See above
regarding my opinion on keyservers.


Salam-Shalom,

   Werner


p.s.
BTW: Although I use, for historic reasons, a @jabber.gnupg.org address for
Jabber (XMPP), modern Jabber IDs would just use the domain name (for me
thus wk at gnupg.org) and then it is not easy to distinguish between mail
use of a key and use for Jabber (e.g. using Conversations.im).  Thus I
am considering proposing a new key flag to mark a subkey for use with chat
programs in contrast to mail/data use.  This would allow using the same
key for mail and chat without risking putting the more valuable mail
encryption key on an easier-to-attack smartphone.


-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein