Wiktor Kwapisiewicz [2019-06-14 11:59:16+02] wrote: > Storing endless amounts of data without any kind of verification was a > bad idea. Maybe SKS was designed in good old times when no-one would > try to take advantage of it but in 2019 validating e-mail address is > bare minimum a service such as this should do. > > The current shortcoming is stripping third-party signatures. So Web of > Trust wouldn't work (for good reasons described in the FAQ [0]). For > some people this may be surprising.
It may turn out to be a good choice to leave other people's certificates (third-party signatures) out. It seems to solve the storage abuse problem and probably doesn't harm too much communities who need web of trust. Generally web of trust works only in tight communities who can really verify each other's keys. Such communities can easily distribute their keys through their web site or other common resources. For larger audience it's probably enough to have an easy and automatic key discovery and key update service, such as this keys.openpgp.org seems to be. I think. -- /// Teemu Likonen <https://github.com/tlikonen> // // PGP: 4E1055DC84E9DFF613D78557719D69D324539450 ///
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
