Should you include your email address on key server?
Jakob Bohm
jb-gnumlists at wisemo.com
Wed May 21 15:46:30 CEST 2025
On 5/13/2025 10:09:13, Francesco Ariis wrote:
> Hello Atod,
>
> Il 13 maggio 2025 alle 03:01 Atod Bora via Gnupg-users ha scritto:
>> What are the best practices and/or pros/cons of including your email
>> address on the key server? For instance now, I have not included my
>> email address, yet it is in the signature.
>>
>> I was reluctant to include it because of spam harvesting, however I have
>> read it may not be an issue.
> My experience:
>
> I have a personal email address I use only for private communications.
> I do not use it to subscribe to sites or anything similar.
>
> I added it to a keyserver in 2012; I have yet to receive a single spam
> email.
>
> Maybe email harvesting is not profitable anymore
> —F
>
Another potential protocol improvement would be to include only a one-way
hash (same algorithm as current key fingerprint standards) of the mail
addressin public key directories.
This would allow sending clients to look up the keys of intended mail
addresses, while providing no useful information to e-mail harvesters.
Of cause it will still allow data thieves like those from the US to
correlate with other lists of stolen mail addresses, so honest
directories must still refuse to provide directory dumps to bad actors.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the Gnupg-users
mailing list