At Mon, 27 Jul 2015 17:51:56 +0200, Patrick Brunschwig wrote: > > On 27.07.15 14:15, Neal H. Walfield wrote: > > Hi, > > > > I guess you mean this: > > > > The idea I have in mind is roughly as follows: if you upload a key to > > a keyserver, the keyserver would send an encrypted email to every UID > > in the key. Each encrypted mail contains a unique link to confirm the > > email address. Once all email addresses are confirmed, the key is > > validated and the keyserver will allow access to it just like with any > > regular keyserver. > > > > This approach is not going to stop a nation state. A nation state can > > intercept the mail, decrypt it and follow the link. > > If the email can be decrypted, then any email can be decrypted, which > would turn OpenPGP useless.
Sorry. This was definately unclear. What I meant is: a nation state can create a "fake" key, upload it to the key server and intercept the mail encrypted to the fake key thereby validating the fake key. > In any case, the target users are not the Edward Snowdens of this world, > but the 99% of people who just want to communicate easily with each > other and don't want to be bothered too much with key complicated key > lookup/verification scenarios. This is a worthy goal :). :) Neal _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
