On 2019/06/30 11:49, Mirimir via Gnupg-users wrote: > It would stop when certs can no longer be poisoned. And I don't see the > downside. I mean, what good does it do to have people downloading keys > that break their stuff? > > I don't see that as "doing the bad guys’ work for them". I see it as > preventing bad guys escalating from hurting a few people to doing > serious damage. That's not "punishing the victim".
It prevents escalation, yes. But at the expense of exiling the targeted people from the network - which may well be the attacker's real intent. Any "solution" that turns a general problem into a problem for a small number of *specific individuals* is not a solution, it's a lynching. I'm sure those specific individuals will be thankful that they've been thrown under the bus for the greater good. I'm sure nobody else will be looking over their shoulder wondering whether they'll be next. We solve this issue for *everyone*, or we all go home. -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
