On 01/15/2018 09:23 PM, Stefan Claas wrote: > No? I for one would like to be sure that i am the only person who > can upload my public key to a key server directory.
This seems to be based on a misconception whereby you're attributing properties of a certificate authority to the keyservers. OpenPGP already has a method for certification from CAs, and that is by providing a signature on the appropriate UID on the public keyblock. As long as the signature is propagated on the keyserver network, these roles can be appropriately isolated and the decision of whether or not to trust a specific CA is left to the user performing the trust calculation, incidentally also allowing for signatures from multiple CAs. -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Fabricando fit faber Practice makes perfect
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
