Questions about generating keys

Janusz A. Urbanowicz alex at bofh.net.pl
Wed Aug 22 23:16:07 CEST 2007


On Wed, Aug 22, 2007 at 03:34:50PM -0500, John Clizbe wrote:
 
> > Alex wrote:
> >> Yes, common sense. if you submit your key to a keyserver, there
> >> should be some way to distinguish your key from hundreds of
> >> other having the same short name, when searching for a key.
> > 
> > Sorry, I forgot to say that I don't use any keyservers. Only my
> > friends can get my private e-mail address and "private" public key.

> Relying on the 'highly effective" Security via Obscurity model, huh?
> 
> There's no guarantee that your key won't end up on a keyserver nor is there one
> that your "private" email address won't leak into the public,

There were people that submitted their whole keyrings to keyservers.

And yesterday I got spammed to address that I created for one-time use
for one person, and never gave publicly nor to anyone else.

a
-- 
JID: alex at hell.pl
PGP: 0x46399138
od zwracania uwagi na detale są lekarze, adwokaci, programiści i zegarmistrze
 -- Czerski



More information about the Gnupg-users mailing list