On Tue, 8 Jan 2019 18:50:12 +0100, Peter Lebbing wrote: Hi Peter, [snip]
> I hope I did a good job of explaining my meaning this time around. Yes, i think you did, even if i see things a bit different. But no worries! :-) Since this is an interesting subject, i believe, i may check out how much payload can be put in such large jpeg images, just out of of interest and i may, if time allows, try to get hold of a complete key server dump to try to see if i can find something interesting. > But I'd like to tack on even more thoughts :-). Because finally, what > GnuPG enforces is again something different from what the keyserver > network enforces. If you're worried about big images or other data being > uploaded to the keyservers, the place to fix that would be the > keyservers, not GnuPG, because a bad actor could just change their own > GnuPG. But they can't change the code running in the public keyserver > network other than by running their own keyserver. Yes, agreed! However, as it currently is there is no need for bad actors because people have plenty of image space in a key. Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
