-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Tuesday 29 April 2014 at 7:18:40 PM, in <mid:[email protected]>, [email protected] wrote: > When a person generates a new key, the e-mail required > by gnupg for key generation, can be listed as something > benign such as [email protected] Or, IMHO better still, left blank. Although I would prefer the ability to include it hashed. > so the question becomes; > "If the key is accessible by the fingerprint and key > name, and people consider the fingerprint the most > trustable identifier of the key, and an attacker cannot > forge a key with the same fingerprint, then why is it > necessary to have the e-mail address on the keyserver > at all? I think it is more a convenience than a necessity. But it became a de facto standard, which the writers of some email software have relied upon to select encryption keys by email address. - -- Best regards MFPA mailto:[email protected] Of course it's a good idea - it's mine! -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlNf9mJXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pNoED/3670bloe3SMow42GKhkZ2ZF2KIk/ZizmczJ B0rl9rNWOlvqCqwACE3WrpyhiD0drwWy8ho4koPpqVm1IpAClH9c2UKj5TOkcoiv yl8LzscfvuIIiee/xNIH/Uq0s5DDBECharMyiL264v9bKvM0l8QRcA96B5mKiMek CUE/fnyX =IB77 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
