Am Mo den 31. Jan 2022 um 22:39 schrieb jonkomer via Gnupg-users:
> But the reason for my original post was not to find
> better ways of communication mechanics while the
> relationship exists, it was specific and quite narrow:
> how can both sides do all they reasonably can in order
> to avoid mak
On 31-01-2022 18:11, Andrew Gallagher via Gnupg-users wrote:
> This is incorrect. All three of the commonly-used HKP servers can remove
> keys; this has been done for years to remove poison (i.e. oversized)
> keys that cause DoS. However doing so comes with costs.
Yes, that was the issue that I k
This sounds like a perfect use case for WKD
You are correct.
But the reason for my original post was not to find
better ways of communication mechanics while the
relationship exists, it was specific and quite narrow:
how can both sides do all they reasonably can in order
to avoid making it p
> On 31 Jan 2022, at 21:39, jonkomer wrote:
>
> There is significant difference between a one-time
> "third-party" correspondent misusing his knowledge of
> the relationship after it has been dissolved, from
> that same knowledge being published in perpetuity via
> a simple, automated Internet
On 28/01/2022 20:02, jonkomer via Gnupg-users wrote:
>> A. G. via :
>> The short answer is "no", or at best "not yet"...
>
> Thank you very much for the response and comprehensive
> comments.
>
> In this case, the mail domain owner is actually the one
> that needs this level of control: he insist
On 29/01/2022 01:55, Johan Wevers via Gnupg-users wrote:
> There are known technical issues: the HKP keyserver does not allow keys
> to be removed, GDPR or not. When the keyserer operator operates outside
> of the EU I don't think that is a legal problem.
This is incorrect. All three of the common
On 29/01/2022 03:51, Shawn K. Quinn via Gnupg-users wrote:
> If the server is physically in the US, administered by someone residing
> in the US, is the EU really expecting US courts to enforce EU
> laws/directives like the GDPR on a US citizen?
The short answer is no, of course not.
The practica
Unrelated note: I find the rhetoric of a few posts in this thread
absolutely astounding. From a crypto question to red scare and "my army
is going to kick your country's ass if it dares talk to me" in two easy
steps ? This is vile.
"Tell it to the Marines" is a standard American and British prov
On Fri, 28 Jan 2022 13:02:03 -0700, jonkomer via Gnupg-users
wrote:
> After the user removal the domain owner is ipso facto
> GDPR compliant. However, he would prefer that a naive user
> (rightly or not) does not consider him unresponsive, and both
> sides have some interest in preventing any Int
PS: I guess by the "emotional reactions" you mean Robert J. Hansen
mails, since replies by other people seem much more technical in
nature.
If by 'emotional' people mean 'amused', then yes. I thought it was
cuter than a pailful of kittens. :)
If by 'emotional' people mean angry, annoyed, or
(changing back the thread subject)
On 2022-01-29 at 09:38 -0700, jonkomer wrote:
> I was the one to suggest to them to use e-mail and OpenPG
> encryption. The reasons were two-fold: first to avoid one of
> those centralized, web-browser based, single-point-of-failure,
> essentially insecure commun
On 2022-01-28 at 20:43 -0700, jonkomer wrote:
> > When the keyserer operator operates outside
> > of the EU I don't think that is a legal problem.
>
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies regardless
On 29-01-2022 4:43, jonkomer via Gnupg-users wrote:
>> When the keyserer operator operates outside
>> of the EU I don't think that is a legal problem.
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies regardle
If an individual that requests his personal information is
removed (i.e., the "right to be forgotten") is EU resident,
GDPR applies regardless of the jurisdiction in which the
information server is located.
"Right to be forgotten" doesn't exist in the United States. It's a
violation of our Fir
On 1/28/22 21:43, jonkomer via Gnupg-users wrote:
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies regardless of the jurisdiction in which the
> information server is located.
>
> Jon K.
If the server is phys
jonkomer via Gnupg-users wrote:
When the keyserer operator operates outside
of the EU I don't think that is a legal problem.
If an individual that requests his personal information is
removed (i.e., the "right to be forgotten") is EU resident,
GDPR applies regardless of the jurisdiction in whic
When the keyserer operator operates outside
of the EU I don't think that is a legal problem.
If an individual that requests his personal information is
removed (i.e., the "right to be forgotten") is EU resident,
GDPR applies regardless of the jurisdiction in which the
information server is locat
On 28-01-2022 21:02, jonkomer via Gnupg-users wrote:
> How do individual key-server owner/operators react to
> formal GDPR "forget me" requests; either by e-mail users, or
> by mail domain owners? Any known legal precedents?
There are known technical issues: the HKP keyserver does not allow keys
A. G. via :
The short answer is "no", or at best "not yet"...
Thank you very much for the response and comprehensive
comments.
In this case, the mail domain owner is actually the one
that needs this level of control: he insists on the ability
to positively respond to individual e-mail users' GD
On 26/01/2022 22:03, jonkomer via Gnupg-users wrote:
> Is there anything that a public key owner can do, to actually
> *ensure* that, if some careless or malicious correspondent
> ignores the comment ("Please do not upload...") and attempts
> to upload his or her (otherwise fully functional) public
20 matches
Mail list logo
