Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them

To: debconf-discuss@lists.debconf.org
Subject: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
From: Andreas Tille <andreas@an3as.eu>
Date: Thu, 6 Aug 2009 14:19:03 +0200
Message-id: <[🔎] 20090806121903.GA14259@an3as.eu>
In-reply-to: <[🔎] 20090806120040.GA27155@usha.takhisis.invalid>
References: <[🔎] 20090806063413.GR1684@mykerinos.kheops.frmug.org> <[🔎] 20090806071010.GB7887@login2.uio.no> <[🔎] 87skg5nw95.fsf@gkar.ganneff.de> <[🔎] 20090806091919.GS1684@mykerinos.kheops.frmug.org> <[🔎] 20090806113602.GA8712@an3as.eu> <[🔎] 20090806120040.GA27155@usha.takhisis.invalid>

On Thu, Aug 06, 2009 at 02:00:40PM +0200, Stefano Zacchiroli wrote:
> Even if my case is easier (I do read email on the same machine where
> I've my private key) I process them in batch. I use this very simple
> procmail rule to store in a different mailbox the keys received from
> caff:

Well, after some time *I* handled this in a similar way but it involves
more (like a GMail filtering rule, finding another procmail rule for
the mail I have in my institute, etc).  I somehow managed this, yes.
But it is work which just has to be done and it is just not as handy
as just fetching your signed key from the keyserver - especially for
beginners.  An as I said: You might be able to teach those people you
actually want to sign your key to not upload to the server.  In this
case you have no real reason to do so.  But you are not able to prevent
the wrong people to upload to the sever - so all the means you might
invent are not really helpful.  It would be if there would be a means
if only the owner of a key would be able to update a key on e keyserver.
In this case I would subscribe to your reasoning perfectly.

Kind regards

        Andreas.
-- 
http://fam-tille.de
Klarmachen zum Ändern!

Reply to:

References:
- [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Christian Perrier <bubulle@debian.org>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Petter Reinholdtsen <pere@hungry.com>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Joerg Jaspert <joerg@debconf.org>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Christian Perrier <bubulle@debian.org>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Andreas Tille <andreas@an3as.eu>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Stefano Zacchiroli <zack@debian.org>

Prev by Date: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Next by Date: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver?when signing them
Previous by thread: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Next by thread: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Index(es):
- Date
- Thread