-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/29/2015 02:41 PM, MFPA wrote: > Hi > > > On Wednesday 29 July 2015 at 11:05:13 AM, in > <mid:1713361.r4rmyyg...@collossus.ingo-kloecker.de>, Ingo Klöcker > wrote: > > >> A possible benefit would be that the user can choose not to >> upload the validation signatures to the keyservers. With a minor >> change in step 1 (the key owner uploads his key to the validation >> server without uploading it to a keyserver) the UID validation >> would even work for keys which its owner does not want to upload >> to a public keyserver. > > That would be good: mail clients that applied a rule to only use > validated keys would otherwise deny service when emailing somebody > who is trying to keep their key off the keyservers.
Are they really the target group for this proposal? Keep in mind this would be in addition to the regular WoT model, so there is no DoS based on that, per se (obviously you should never encrypt data to a key that isn't verified on some level, even if just a heuristic analysis based on public data and a local non-exportable signature). If the key isn't on keyserver it defeats some of the purpose of this being an easy to use for senders (while still providing _some_ level of security). - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- "A committee is a group that keeps minutes and loses hours." (Milton Berle) -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJVuMtjAAoJECULev7WN52F0C8H/1LMy2GnsLr6WRAcPj9jMAvS IwpL+oe5cTdTtpdIcs7s5PhRXwQsbmGdlVaPllsbFn4mAOJ2x7eD7fe/hIHkIPGX +ocZk6h9GlgK6wadNp5mbJ9egxYVVnV84+64S07GAx6IQ9NpOOa+BEa4VDL0UcI/ uLx1LO/9Fkj/gg5IM9YrM3ToLhcotMfen/wQE5dAQ5Zcb2BcDWAGw9mCTzs+a4LY 06w0Q5cRuQDUTcrmrGs5Y23BIRjtijPqEvamWhGynokeR1dmG1axbBAWgRzZAsQl XPoDYLaldAXqPPqLUoNN/IBtJ+7c8MUVlkYTccIzTkYnsqFfGZimEo1mx1DmiNQ= =0Gtq -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
