Florian Weimer wrote: > * Ben Laurie: > >> I don't use PGP - for email encryption I use enigmail, and getting >> missing keys is as hard as pressing the "get missing keys" button. > > A step which has really profound privacy implications. > > I couldn't find a PGP key server operator that committed itself to > keeping logs confidential and deleting them in a timely manner (but I > didn't look very hard, either). Of course, since PGP hasn't > progressed as faster as our computing resources, I'm nowadays in a > position to run my own key server, but this is hardly a solution to > that kind of problem.
OK, I buy the problem, but until we do something about the totally non-anonymising properties of the 'net, revealing that I want the public key for some person seems to be quite minor - compared, for example, to revealing that I sent him email each time I do. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
