On Wed, 5 Dec 2018 19:56, stefan.cl...@posteo.de said: > Well, my understanding would be that a least one (search) criteria > would be needed to fetch a key, right? And if so i could also imagine
Right, the fingerprint. And maybe the long keyid for a transitional period because not all software already includes the fingerprint in the signature. > that this one criteria could be abused as well, in form of a given > link to that resource, as long as it can be fetched via the web. Being able to search for a fingerprint does not allow you to search for the latest blockbuster movie to get a torrent link. Thus there is no incentive to use the keyservers as an index and running a keyserver will be safer for most operators. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgplc6tga88Hi.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
