On Sun, 09 Dec 2018 20:34:55 +0100, Dirk Gottschalk wrote: > Am Sonntag, den 09.12.2018, 20:03 +0100 schrieb Stefan Claas:
> > My proposal could be run also in parallel. I think it would be > > only a weekend job for a programmer to modify the server code, > > so that it accepts only incoming and verified email and not web > > or GnuPG via Tor submissions. > A weekend job... Muhahahahahahaha, you don't do much programming, don't > you? One would have to write an email bot, change the keyserver code to > no longer accept submissions via HKP, then it would be neccessary do > disable HKP for upload in GnuPG to avoid broken Clients and so on. While testing today how to make someones pub key non-importable,non- receivable, with an evil version of GnuPG, I am wondering about the following: Is it not possible that for pub key submissions GnuPG could be installed on key servers to check if the key material is valid, prior keys got added? My test today showed me that it looks like that GnuPG is not used on key servers. In case if there would be email submissions possible, in the future, i think it could work something like this: Install postfix and procmail, while procmail would pipe that message to gnupg for verification of valid key data, prior the pub key gets added to the pool. Well, just some thoughts. Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users