On Thu, 06 Dec 2018 11:42:32 +0100, Werner Koch wrote: > On Thu, 6 Dec 2018 10:22, stefan.cl...@posteo.de said: > > > As long as we have the option to add additional UID's to a key my > > You can't add an UID to a key without having a signature from the > primary key. If the keyservers accept that any OpenPGP implementation > will simply skip such an UID.
Understood. Please check this example, a key with with plenty of data, which only needs to be extracted. https://pgp.circl.lu/pks/lookup?op=get&search=0x73253A1F090C53B6 > > People then would only need a little program to dearmor and > > extract the data from that key UID's. > > But they can't search for it on public servers. Thus there is no gain > here. If you require a dedicated program anyway, that program can > anyway consult one of the Tor hidden servers. But no search engine > will show it. That's right, but my thought is / was someone can (ab)use key servers as data storage / retrieval system and then only provides the key id in a link. Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas
pgpkE2MhpQjUR.pgp
Description: Digitale Signatur von OpenPGP
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
