On 09/13/2013 09:49 AM, Peter Lebbing wrote:
> On 2013-09-13 14:24, Nicholas Cole wrote:
>> The correct way would be to have keyservers
>> honour the no-modify flag, or perhaps have some notation on the ID
>> that prevents uploading to a public keyserver.  I myself would favour
>> the latter approach.
> 
> The latter has the same problem as the no-modify flag: it can be
> subverted by someone as long as the keyservers do not do crypto.

Yes, pretty much anything can be published as long as the keyservers do
not do crypto.  That's something that the keyservers need to fix, as it
would prevent other problems as well.

In the meantime, we can produce certifications that won't be
misinterpreted by the keyservers as they currently exist, and can be
validated by any future keyservers that do proper cryptographic checks.

        --dkg


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
