-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 03/01/2015 05:36 PM, Marco Zehe wrote: > Hi Kristian, > >> Am 01.03.2015 um 16:38 schrieb Kristian Fiskerstrand >> <kristian.fiskerstr...@sumptuouscapital.com>: >> >> You wouldn't need the keyservers to be involved in this at all. >> Anyone could set up such a mail verification CA outside of the >> keyserver network. > > In theory, yes. And keybase.io goes in that direction, although > they don’t do the verification of e-mail addresses themselves, only > the e-mail address one signs up with for the account. > > But why should key servers not do that? Why add this extra level > of complexity? >
It isn't more complex, it is LESS complex to do it as a standalone CA. We currently have about 150 different key servers in the main gossipping network, you would have to establish severe trust mechanisms between them as to convey the verification data, change the gossiping protocol to accomodate this, implement crypto in the keyservers, possibly have keyservers shut down for legal reasons as possible verctors of legal attack for some additional data; data that, in its concept is the job of a CA in the first place. - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- "I have always wished that my computer would be as easy to use as my telephone. My wish has come true -- I no longer know how to use my telephone" (Bjarne Stroustrup, April 1999) -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJU80EMAAoJEP7VAChXwav6MEcIAKh5s2A01wUQZgF1Wh9chtRo tQ6pk05FnEYhyYi/9GBcehf2mqlnkbvBjvw74L1JJWsJdR3i5Z2VGhmVVMFOo4iW 99fX1rD1imM4PiRtAQ3gwvmJNm6u/65mfRFN8M3hyVLjWndkot3i3jCTGzT9oF6t QWcyUFPKAVck+B7VTmn6kt6td8rmYzeIp/0g7a6Q+BCeGNLMKzwdfofMRH0ueMys 0sTkA+73BKKYQITgFh2t+CvCNtoYd5IT8JFrk4lqdeCcb1HVuys0u1J8oLy1ppSr 869cwZ2nhwV4AOczDLAbMlwitDpWTLWpZ+epkkP4hOYii48neSXsc5XQwJr9RBU= =63S3 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
