-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 03/02/2015 12:12 PM, Kristian Fiskerstrand wrote: > On 03/02/2015 10:16 AM, gnupgpacker wrote: >> Hello,
Seems I inadvertently sent this message only directly without CCing the list > > > .. > > >> This procedure should be implemented in keyservers. > >> No CA needed, no centralisation necessary => just verifying of >> existing AND proper working email addresses. > > This _is_ a CA, granted with weak verification (could arguably say > similar to domain validated X.509 certs), but conceptually a CA > none the less. Such weak verification does not rely on being > implemented in keyservers, and would be better off outside it. > > >> Additional: There are lot of old keys on keyservers not being >> verified in described manner. > > Because they are not designed for it, nor need it. > >> Those keys (or the newer, verified ones) could be marked with a >> short hint on keyservers to differ between verified and not >> verified email addresses. > >> Facility of deleting own (!) keys on keyserver wanted for old >> (revoked, expired, test, failed...) keys. > > This could open up to several attacks, in particular where keys > have been revoked. The keyservers are add only for a reason, and > should remain so. > > > - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- "Expect the best. Prepare for the worst. Capitalize on what comes." (Zig Ziglar) -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJU9NfPAAoJEP7VAChXwav6eSoH/1Gmz850g/CtJjo5La10GeO5 mIojoblh3P6k8yJ2FyHJqBQM12BqYXzjIa+cJizBBQG8ZSw4feX7kP2Ucznx37H/ 8UUzUmWEFDDF0A4asNX1oVo4xaDmJbbqyBIRzOIkDXsyoyC1vrKdfnA7wODO9U+F x4DBgOq/IaPVsZggeeEuKc5SoYKXhZ9+eHcPsSCWh0JrHR11YHR9nIV5LuxXoY0d z0X+afV2cExRRD8iGWb7QIA/sR33V2IaGCUfIwhi4+O+xmzETZTohiO03Jx5hE7H N/JYSPeNOSaVPPZ+2TNsbYkVs3RMOMdb3TvTZAQCOoNXo28T8nkAg8n0UZA3X9g= =EpMZ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
