Fw: Garbled data in keyservers

Stefan Claas stefan.claas at posteo.de
Sun Dec 9 20:36:25 CET 2018



Beginn der weitergeleiteten Nachricht:

Datum: Sun, 9 Dec 2018 20:35:41 +0100
Von: Stefan Claas <stefan.claas at posteo.de>
An: Dirk Gottschalk <dirk.gottschalk1980 at googlemail.com>
Betreff: Re: Garbled data in keyservers


On Sun, 09 Dec 2018 20:26:21 +0100, Dirk Gottschalk wrote:

Hi Dirk,

> > I don't think so. Create an anon account at ProtonMail via Tor for
> > example and then do "funny stuff" with those keys.    
> 
> Nah, the server code has just to be modified, then a plausibility
> check could be established if the UID is a valid one, or an abusive.
> This would disable abusive UIDs with malicious data.  

Well, if one creates a valid UID for ProtonMail, for example, the
the Server needs then also to check additional UID's or "funny" sigs,
right? A key which would bear a CA sig would imho not have such
additional and funny UID's or sigs, because it would make the key owner
look a bit stupid, i would say.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181209/7660745d/attachment.sig>


More information about the Gnupg-users mailing list