[OT] Re: useless test keys and keyservers

Melissa Reese mreese at calarts.edu
Tue Mar 1 19:04:34 CET 2005


Hi Stewart,

On Tuesday, March 01, 2005, at 9:12:29 AM PST, you wrote:

> Well, it appears that someone (not me!) has submitted your key to a
> keyserver for you. (Paraphrasing a famous quote) Whilst I don't
> agree with your views on keyservers, I support your right to have
> them. If it wasn't you that submitted it I think this is bad form
> for whoever did it. :-(

Yes, one of my greatest disappointments with the current keyserver
system is the ability of anyone to upload anyone else's keys.  I have
several keys, associated with several different accounts, and while
I've uploaded *one* of them to the keyservers myself, the rest were
uploaded by others.  In some cases, after they've signed my keys with
exportable signatures, though they don't know me, or my association
with certain keys from a hole in the ground.  Is that really "good
practice" in terms of "web of trust"?

> I would like to follow through the points you've made, but let's do it
> off list so as to not waste other members time.

When I have a bit of time, perhaps later tonight, I'll finish up the
longer message I started last night and send it along off-list.

-- 
Melissa

PGP public keys:
http://www.freewebs.com/qajaq/



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
Url : /pipermail/attachments/20050301/d159ca6d/attachment.pgp


More information about the Gnupg-users mailing list