Houston, we have a problem
Stefan Claas
stefan.claas at posteo.de
Tue Sep 26 15:05:37 CEST 2017
Am 26.09.2017 um 14:49 schrieb Kristian Fiskerstrand:
> On 09/26/2017 02:15 PM, Andrew Gallagher wrote:
>
>>> being able to browse the
>>> keyserver directly is too useful for debugging to completely remove
>> Indeed, but is it necessary to display the untrustworthy user-ID on
>> signatures? The fingerprint should be sufficient.
> the name of the primary UID of a signature is irrelevant; if we follow
> this argument; (i) until it is verified everything is untrustworthy, so
> (ii) the signature itself shouldn't be shown, nor should any of the UIDs
> for the public keyblock itself, as the self-signature isn't verified,
> and (iii) and the keyserver can't verify it as it isn't a trusted part
> of the infrastructure so the user can't know that it isn't a malicious
> operator running the specific server.
>
> The only logical consequence from (i)-(iii) is to remove keyservers from
> the mix and let users do bilateral exchanges (good luck with revocation
> distribution), for the simple reason that SOME users can't do things
> right, it has to destroy any chance of a proper security for others.
> Which incidentally is similar to a lot of other over-simplification and
> interconnections throughout the world, but that is a separate
> discussion. Finding the least common denominator and simplify everything
> to the absurd, no matter the consequences.
>
I'm no expert like all you guys, but my dream would be if Werner and his
team could
work together with the keybase team, so that we could have WKD support
for keybase.
Regards
Stefan
More information about the Gnupg-users
mailing list