www-community mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: [PGP Global Directory] Verify Email Address - what do people think?
Date Tue, 21 Dec 2004 05:02:17 GMT
Shane Curcuru wrote:
> Anyone with a PGP key on the pgp.com keyserver likely has gotten one or
> more of these emails recently.  I'm figuring it's legit, see
> http://www.pgp.com/downloads/beta/globaldirectory/faq.html

It is legit.

> - Any security types have a decent analysis of what the new pgp.com's
> "Directory" really means, vs. using other keyservers?

The point about this new one is it allows keys that are wrong (i.e. do 
not belong to the email address) or no longer have private keys 
available to be expired.

> - Hey: how many of us still see the pgp.com keyserver as a useful thing
> for building the Apache web-of-trust, versus other keyservers or simply
> managing keys individually?

They are a convenient way to get keys. I use them all the time.

> A couple of things in the FAQ are interesting:
> - Only supports v4 keys - no RSA legacy keys (they get deleted before
> being posted in the directory)

This is a long-standing whine by PGP types - compatibility issues, 
basically.

> - Verifies keys every 6 months by requiring a clickthru response to
> emails sent to <you@domain.blah>; only keys with email addr are
> supported.

See above.

> - *Only* signatures from other keys that are also in the Directory are
> supported: other signatures are removed before being exposed in the
> Directory.  (This one is mildly annoying)  I wonder how many out of
> their claimed 107 signatures on my key will remain after this check.

I'm not sure of the motivation for this one - I'll take it up with the 
guy in charge if you want.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org


Mime
View raw message