brent s. wrote: > I'm going to anticipate what you're suggesting this solves - that only > key owners can upload their own key by ensuring the sender matches one > of the key's identities. There's flaws with that: > > 1.) You've now broken the ability to upload keys with no real > identifiable information (i.e. no real email address), thus *forcing* > users of a keyserver to provide personal identifiable information. This > breaks anonymity.
Anonymity is a very important point when one likes to communicate securely and anonymously! For that purpose Anonymous Remailers with a Nym account are in service for many years. It requires on the users side that he / she is familiar with GPG, to create a Nym account. http://is-not-my.name/ The Remailer Software itself (Mixmaster) is included in Linux distributions. Windows users have Mixmaster clients too. One only needs a free Usenet account to pick up messages from the News Group alt.anonymous.messages. Then there are probably still free anonymous Tor email accounts available. Another option would be to set-up an email to Bitmessage Gateway (like Mailchuck) so that GPG users can submit their keys from within the Bitmessage client to the key server via the email Gateway. https://github.com/V07D/bitmessage-email-gateway The other points you have mentioned, like the signer cannot upload a key, well that's true but I wonder how you guys like then to solve the problem with uploading flooded key material to the key servers. I think you can not have all options, but I am all ears. Regards Stefan -- box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56 GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD) _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel