Am 26.09.2017 um 14:49 schrieb Kristian Fiskerstrand:
On 09/26/2017 02:15 PM, Andrew Gallagher wrote:
being able to browse the
keyserver directly is too useful for debugging to completely remove
Indeed, but is it necessary to display the untrustworthy user-ID on
signatures? The fingerprint should be sufficient.
the name of the primary UID of a signature is irrelevant; if we follow
this argument; (i) until it is verified everything is untrustworthy, so
(ii) the signature itself shouldn't be shown, nor should any of the UIDs
for the public keyblock itself, as the self-signature isn't verified,
and (iii) and the keyserver can't verify it as it isn't a trusted part
of the infrastructure so the user can't know that it isn't a malicious
operator running the specific server.
The only logical consequence from (i)-(iii) is to remove keyservers from
the mix and let users do bilateral exchanges (good luck with revocation
distribution), for the simple reason that SOME users can't do things
right, it has to destroy any chance of a proper security for others.
Which incidentally is similar to a lot of other over-simplification and
interconnections throughout the world, but that is a separate
discussion. Finding the least common denominator and simplify everything
to the absurd, no matter the consequences.
I'm no expert like all you guys, but my dream would be if Werner and his
team could
work together with the keybase team, so that we could have WKD support
for keybase.
Regards
Stefan
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
