On Fri, Apr 26, 2002 at 02:01:57PM +0930, Tom Cook wrote: | On 0, dman <dman@dman.ddts.net> wrote: | > | > What keysevers do people recommend using? I've got the two mentioned | > in the readme in my config (keyring.debian.org and wwwkeys.pgp.net) | > and so far (one day!) that has sufficed. Do people recommend using | > any other servers? | | I use www.keyserver.org - hadn't heard of the ones you mentioned (not | saying much, though). | | > Also, what is the best way to publish my (brand new!) public key? | | See my sig. But you've already picked up on that. Yeah, but that technique is less-than-ideal because you (the recipient) must put forth effort to verify my signature. The servers are great because no extra effort is required! | > PS. Everyone should use gpg! It is _really_ easy and provides the | > perfect way to stop spam -- only allow properly signed messages | > to be delivered :-). | | How does it stop spam? You need *everybody* (including technophobes | you know (like grandparents)) to sign all their messages. Yes, that's how. (and why I don't realistically think it will pan out) | Once signing reaches that sort of critical mass, the spammers will | take note and start signing their messages. That will slow them down, at the least, and also means that they are _accurately_ identifying the sender. It makes blacklists much more effective when the identity isn't forged. | *Anybody* can generate a public key... Yes, but then either keyservers can impose some sort of requirements for publishing the key or black-keyservers can be created to identify spammer messages and blackhole them. -D -- He who finds a wife finds what is good and receives favor from the Lord. Proverbs 18:22 GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
Attachment:
pgpEmb0GKFic8.pgp
Description: PGP signature