On 16/01/18 10:57, Stefan Claas wrote: > And do people always look into blockchain data, when using their wallet to > do transactions? With public WWW key servers it is imho different.
This is an important distinction. Ordinary users should not be browsing the raw data. They should be using tools such as Enigmail that filter out unverified data from their default views. Sure, if you want to go looking for all the junk signatures on people's keys you can, but it shouldn't be displayed as a matter of course. Now, for various reasons a lot of us on this list have spent far too much of our lives looking at the raw keyserver data. And similarly, I have no doubt that a lot of early Bitcoin adopters have looked at the raw blockchain data. So we have to distinguish between what is available if one is sufficiently motivated to go and look, and what is shown to the majority of users. The vandalism problem is solved by clients not displaying unverified content. Whereas the "nightmare scenario" happens entirely out of view of the average user, but has more serious consequences. Let's not mix them up. -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
