[OT] New keyserver
Jan-Benedict Glaw
jbglaw at lug-owl.de
Tue Sep 24 12:40:02 CEST 2002
On Mon, 2002-09-23 16:48:22 +0200, disastry at saiknes.lv <disastry at saiknes.lv>
wrote in message <3D8F29B6.ECB9E13 at saiknes.lv>:
> keyserver does not need to sign keys,
> however it would be nice if it could verify signatures, so that it can reject
> userids without valid selfsig.
Seems I don't get the point. What's wrong with UIDs without
self-signatures? Though, they're *not* what you think about them (being
"valid" UIDs), but technically, everybody can attach any UIDs to any
key. ...and GnuPG doesn't trust UIDs without self-signatures, so
everything is okay (from my point of view).
What could be said is that it would be a nice feature to not transmit
UIDs with missing self-sigs, because they're a) not worth anything and
b) probably the result of bad kiddies. Am I wrong here?
MfG, JBG
--
- Eine Freie Meinung in einem Freien Kopf für
- einen Freien Staat voll Freier Bürger
Gegen Zensur im Internet
Jan-Benedict Glaw . jbglaw at lug-owl.de . +49-172-7608481
-- New APT-Proxy written in shell script --
http://lug-owl.de/~jbglaw/software/ap2/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20020924/2e80fa36/attachment.bin
More information about the Gnupg-devel
mailing list