On Jun 17, 2012, at 7:36 AM, Michel Messerschmidt wrote:
> On Sat, Jun 16, 2012 at 05:32:36PM -0400, David Shaw wrote:
>> Yes, I understand that spreading out keyserver requests can help avoid this
>> sort of tracking, but remember that the keyserver URL feature allows the
>> keyholder to bypass
On Sat, Jun 16, 2012 at 05:32:36PM -0400, David Shaw wrote:
> Yes, I understand that spreading out keyserver requests can help avoid this
> sort of tracking, but remember that the keyserver URL feature allows the
> keyholder to bypass the keyserver chosen by the user, and send the requests
> any
On Jun 15, 2012, at 12:33 PM, John Clizbe wrote:
>> It's a similar problem in type as auto-key-retrieve or auto-key-locate, but
>> it's a different problem in degree: both AKR and AKL fire only as needed
>> (either when a key is needed for sig verification, or when a key is needed
>> to encrypt to
On 15/06/12 18:33, John Clizbe wrote:
> You remember where that was? Sounds interesting, and I have plenty of
> keyservers here at home to choose from.
Werner mentioned it[1] in his reply to this thread:
> You should be able to use
>
> --auto-key-locate nodefault,keyserver -r f...@example.org
David Shaw wrote:
> On Jun 14, 2012, at 4:34 PM, Robert J. Hansen wrote:
>
>>> 1) If the keyserver (of whatever type) isn't reachable...
>>
>> As you say, easy to solve: agreed.
>>
>>> 2) Concern that enough people turning this feature on would add
>>> significant load to the keyserver network.
On Jun 14, 2012, at 4:34 PM, Robert J. Hansen wrote:
>> 1) If the keyserver (of whatever type) isn't reachable...
>
> As you say, easy to solve: agreed.
>
>> 2) Concern that enough people turning this feature on would add
>> significant load to the keyserver network...
>
> An open question and
1) If the keyserver (of whatever type) isn't reachable...
As you say, easy to solve: agreed.
2) Concern that enough people turning this feature on would add
significant load to the keyserver network...
An open question and one we'd need to address: agreed.
3) It leaks information more than
On Thu, 14 Jun 2012 19:48, r...@sixdemonbag.org said:
> We already have something similar to this in --auto-key-retrieve, and
> the same warnings about that option probably also apply here. The
> principal difference would seem to be that auto-key-retrieve only
> fetches certificates that are not
On Jun 14, 2012, at 1:48 PM, Robert J. Hansen wrote:
> Currently, users have a public keyring containing certificates acquired from
> many different sources. These certificates are often out of date, sometimes
> in minor ways, sometimes in large ones. Since many users now have always-on
> and
Currently, users have a public keyring containing certificates acquired
from many different sources. These certificates are often out of date,
sometimes in minor ways, sometimes in large ones. Since many users now
have always-on and fairly reliable internet connectivity, perhaps it
makes sens
10 matches
Mail list logo
