On Fri, 28 Jan 2022 13:02:03 -0700, jonkomer via Gnupg-users <gnupg-users@gnupg.org> wrote: > After the user removal the domain owner is ipso facto > GDPR compliant. However, he would prefer that a naive user > (rightly or not) does not consider him unresponsive, and both > sides have some interest in preventing any Internet server > from keeping an active and publicly exposed user's name > and (now defunct) e-mail-address, thus indiscriminately > advertising forever the fact that John Doe was at some point > in time a member of Example.org.
How many signatures are expected to be on such key ? If there are none (or maybe very few, especially if none links to example.org administration), then would it be reasonable to argue that this key can have been forged and the association with that domain is an unverifiable claim ? I have no idea how it would legally fly, and there is certainly a question of scale (enough individually unverifiable but globally concordant claims become a globally convincing picture). Unrelated note: I find the rhetoric of a few posts in this thread absolutely astounding. From a crypto question to red scare and "my army is going to kick your country's ass if it dares talk to me" in two easy steps ? This is vile. -- Vincent Pelletier GPG fingerprint 983A E8B7 3B91 1598 7A92 3845 CAC9 3691 4257 B0C1 _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users