Re: keys require a user-id

2020-05-18 Thread Werner Koch via Gnupg-users
On Mon, 18 May 2020 12:16, Robert J. Hansen said: > Centralized key management schemes are sometimes very useful. I fully agree and I personally know that this is a common use case. However, people requiring such a use case do not talk in the public about their specific infrastructure and are a

Re: keys require a user-id

2020-05-18 Thread Johan Wevers
On 18-05-2020 18:16, Robert J. Hansen wrote: > Instead of > spending 30 minutes talking about why it's okay if public certificates > are shared, we could instead just say "we're not going to share your > public key with anyone without your written consent" and spend those 30 > minutes talking about

Re: keys require a user-id

2020-05-18 Thread Robert J. Hansen
> And by that changing the distributed system of keyservers into a > centralized key database like PGP tried this with their Universal > Server. Which unavoidably will change OpenPGP to a centralized system. I think that's a little excessive, Werner. OpenPGP was always intended to be flexible o

Re: keys require a user-id

2020-05-18 Thread Stefan Claas
Andrew Gallagher wrote: > On 18/05/2020 12:12, Stefan Claas wrote: > > You can argue now that you can give a freeform UID the name rob or > > rjh too, but this would maybe not be so good, because you are > > publicly known as rob or rjh, thus defeating the purpose a bit. > > If your threat model

Re: keys require a user-id

2020-05-18 Thread Stefan Claas
Stefan Claas wrote: > Robert J. Hansen wrote: > > If you want the documentation to reflect PII-free UIDs, please say > > that. This could be a useful discussion. If the community believes > > PII-free UIDs should be in the FAQ I will happily write up an entry > > for it. > > Please discuss it

Re: keys require a user-id

2020-05-18 Thread Andrew Gallagher
On 18/05/2020 12:12, Stefan Claas wrote: > You can argue now that you can give a freeform UID the name rob or rjh > too, but this would maybe not be so good, because you are publicly known > as rob or rjh, thus defeating the purpose a bit. If your threat model includes your endpoint device being co