On Fri, Apr 26, 2002 at 02:01:57PM +0930, Tom Cook wrote: | On 0, dman <[EMAIL PROTECTED]> wrote: | > | > What keysevers do people recommend using? I've got the two mentioned | > in the readme in my config (keyring.debian.org and wwwkeys.pgp.net) | > and so far (one day!) that has sufficed. Do people recommend using | > any other servers? | | I use www.keyserver.org - hadn't heard of the ones you mentioned (not | saying much, though). | | > Also, what is the best way to publish my (brand new!) public key? | | See my sig. But you've already picked up on that.
Yeah, but that technique is less-than-ideal because you (the
recipient) must put forth effort to verify my signature. The servers
are great because no extra effort is required!
| > PS. Everyone should use gpg! It is _really_ easy and provides the
| > perfect way to stop spam -- only allow properly signed messages
| > to be delivered :-).
|
| How does it stop spam? You need *everybody* (including technophobes
| you know (like grandparents)) to sign all their messages.
Yes, that's how. (and why I don't realistically think it will pan out)
| Once signing reaches that sort of critical mass, the spammers will
| take note and start signing their messages.
That will slow them down, at the least, and also means that they are
_accurately_ identifying the sender. It makes blacklists much more
effective when the identity isn't forged.
| *Anybody* can generate a public key...
Yes, but then either keyservers can impose some sort of requirements
for publishing the key or black-keyservers can be created to identify
spammer messages and blackhole them.
-D
--
He who finds a wife finds what is good
and receives favor from the Lord.
Proverbs 18:22
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
pgpN5Ey4SV2Xe.pgp
Description: PGP signature
