[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6 million
From: |
Todd Fleisher |
Subject: |
Re: 6 million |
Date: |
Tue, 14 Apr 2020 14:43:10 -0700 |
> On Apr 14, 2020, at 14:32, Stefan Claas <address@hidden> wrote:
>
> I don't know why they are saying this, but if you would download my CA
> certified
> public key block from their server, the CA sig3 is on my public key block.
If I had to guess, I’d say they allow you to upload your own public key and
don’t strip away any third party signatures you may have included in your
upload. So if I wanted to sign your key I would have to do so, then send it to
you to re-upload and re-confirm before it would be published. While this likely
isn’t a big deal for the more tech-savvy folks out there who are already
familiar with GPG, others would struggle with or just ignore it and not have
any 3rd party signatures.
> Another thing I like about the Mailvelope keyserver is that when you upload
> your
> public key block, they will send you an encrypted email, with a validation
> link,
> so that your public key block is only available there, once you have confirmed
> the link.
This is what Hagrid does as well, minus the encrypted email part. And while it
does provide a useful privacy/control function, it does increase the complexity
(or at least the user touch points) as mentioned above.
-T
signature.asc
Description: Message signed with OpenPGP
- Re: 6 million, (continued)
- Re: 6 million, Skip Carter, 2020/04/14
- Re: 6 million, brent s., 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, brent s., 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Todd Fleisher, 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million,
Todd Fleisher <=
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Arnold, 2020/04/14