[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpg keyservers



On Fri, Apr 26, 2002 at 02:01:57PM +0930, Tom Cook wrote:
| On  0, dman <dman@dman.ddts.net> wrote:
| > 
| > What keysevers do people recommend using?  I've got the two mentioned
| > in the readme in my config (keyring.debian.org and wwwkeys.pgp.net)
| > and so far (one day!) that has sufficed.  Do people recommend using
| > any other servers?
| 
| I use www.keyserver.org - hadn't heard of the ones you mentioned (not
| saying much, though).
| 
| > Also, what is the best way to publish my (brand new!) public key?
| 
| See my sig.  But you've already picked up on that.

Yeah, but that technique is less-than-ideal because you (the
recipient) must put forth effort to verify my signature.  The servers
are great because no extra effort is required!

| > PS.  Everyone should use gpg!  It is _really_ easy and provides the
| >      perfect way to stop spam -- only allow properly signed messages
| >      to be delivered :-).
| 
| How does it stop spam?  You need *everybody* (including technophobes
| you know (like grandparents)) to sign all their messages.

Yes, that's how.  (and why I don't realistically think it will pan out)

| Once signing reaches that sort of critical mass, the spammers will
| take note and start signing their messages.

That will slow them down, at the least, and also means that they are
_accurately_ identifying the sender.  It makes blacklists much more
effective when the identity isn't forged.
 
| *Anybody* can generate a public key...

Yes, but then either keyservers can impose some sort of requirements
for publishing the key or black-keyservers can be created to identify
spammer messages and blackhole them.

-D

-- 

He who finds a wife finds what is good
and receives favor from the Lord.
        Proverbs 18:22
 
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

Attachment: pgpQ3aWKySRzE.pgp
Description: PGP signature


Reply to: