Hi list,
If I were so inclined couldn't I periodically query every publicly
accessable PGP keyserver (maybe do it in a distributed manner) and
upload a new key with the same name/email address as what was added
since the last time I checked?
Furthermore, couldn't I periodically query every publicly accessible PGP
keyserver (maybe do it in a distributed manner) to see who signed what,
and then mirror that web of trust with the keys I control?
Furthermore, couldn't I also upload keys with same name/email addresses
for any keys that existed before I started, lie about the creation date,
and work those into my hall of mirrors?
-Jonathan
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change
to digest, or change password by emailing moderator at compa...@stanford.edu.