Thx. Maybe implementation with an opt-in could preserve publishing of faked keys on public keyservers?
So if new key is uploaded an email with verification link is sent from keyserver to issuer. If embedded link is verified by issuer in 10 Minutes => uploaded public key is published If embedded link is NOT verified by issuer in 10 Minutes => uploaded public key is deleted Forums are working with this technique since years. Regards, Chris > -----Original Message----- > From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of > Hauke Laging > Sent: Friday, February 27, 2015 11:59 AM > Werner has replied to that (on gnupg...@gnupg.org and here): > http://rem.eifzilla.de/archives/2015/02/24/re-die-schlssel-falle _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
