On Fri, Apr 26, 2002 at 02:01:57PM +0930, Tom Cook wrote:
| On 0, dman <dman@dman.ddts.net> wrote:
| >
| > What keysevers do people recommend using? I've got the two mentioned
| > in the readme in my config (keyring.debian.org and wwwkeys.pgp.net)
| > and so far (one day!) that has sufficed. Do people recommend using
| > any other servers?
|
| I use www.keyserver.org - hadn't heard of the ones you mentioned (not
| saying much, though).
|
| > Also, what is the best way to publish my (brand new!) public key?
|
| See my sig. But you've already picked up on that.
Yeah, but that technique is less-than-ideal because you (the
recipient) must put forth effort to verify my signature. The servers
are great because no extra effort is required!
| > PS. Everyone should use gpg! It is _really_ easy and provides the
| > perfect way to stop spam -- only allow properly signed messages
| > to be delivered :-).
|
| How does it stop spam? You need *everybody* (including technophobes
| you know (like grandparents)) to sign all their messages.
Yes, that's how. (and why I don't realistically think it will pan out)
| Once signing reaches that sort of critical mass, the spammers will
| take note and start signing their messages.
That will slow them down, at the least, and also means that they are
_accurately_ identifying the sender. It makes blacklists much more
effective when the identity isn't forged.
| *Anybody* can generate a public key...
Yes, but then either keyservers can impose some sort of requirements
for publishing the key or black-keyservers can be created to identify
spammer messages and blackhole them.
-D
--
He who finds a wife finds what is good
and receives favor from the Lord.
Proverbs 18:22
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
Attachment:
pgpEmb0GKFic8.pgp
Description: PGP signature