On 8/1/19 4:13 PM, David wrote:
> Playfair via Gnupg-users:
>> If keys.openpgp.org won't publish a user ID other than a verified email
>> address, is its only recourse to remove the user ID? Could it instead
>> substitute the hex key ID, fingerprint or a dummy string like "User ID
>> not verified"? If it can't, is there any benefit in publishing a
>> mutilated key people can't use? Just reject it.
>
> Why upload a key to a keyserver with no email address? What's the point
> of doing that?

The point of doing that is to permit people who obtain my key through other channels, say directly from me, to periodically refresh it. When I revoke my key or change the expiration date, the fact will be communicated to holders of my public key, at least to those who refresh their key rings.

> You can't send an encrypted email to it - unless you're
> given the email first - will it work to encrypt to a public key with no
> email?

Of course it works. A correspondent has only to select my public key when sending me email. Easier still is for her to create an Enigmail PRR associating my key with my email address or addresses. That makes key selection automatic.

> Keyservers should have strict rules on public keys - all to have a valid
> email a validation email sent back - then confirmed and that public key
> is then available. No identity available - simple - reject the key.

Sounds to me like you expect a key server to double as a CA.

Chuck