Thx.

Maybe implementation with an opt-in could preserve publishing of faked keys on 
public keyservers?

So if new key is uploaded an email with verification link is sent from 
keyserver to issuer.

If embedded link is verified by issuer in 10 Minutes => uploaded public key is 
published
If embedded link is NOT verified by issuer in 10 Minutes => uploaded public key 
is deleted

Forums are working with this technique since years.

Regards, Chris

> -----Original Message-----
> From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of
> Hauke Laging
> Sent: Friday, February 27, 2015 11:59 AM
> Werner has replied to that (on gnupg...@gnupg.org and here):
> http://rem.eifzilla.de/archives/2015/02/24/re-die-schlssel-falle 


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to