Are you or is someone working on DANE support for GnuPG? Any schedule? Am 22.07.2014 16:27, Werner Koch schrieb/wrote: > > On Tue, 22 Jul 2014 09:40, [email protected] said: >> More and more we seem to have the problem of faked keys in the >> key servers. This especially applies to "well known" keys such >> as authors of magazines and famous tools. > > This is actually the problem of checking the validity of the key. > Granted, gpg is not smart enough to figure out the best matching > key but that is something which can be fixed. > > A more simple way of tackling this is to use PKA or DANE for key > validation: For sending mail you already need DNS and thus it would > be easy to retrieve the matching key from the DNS. The drawback is > that this must be configured by the key owner and can't be changed > by the sender. > > > Shalom-Salam, > > Werner >
-- Nicolai M. Josuttis www.josuttis.de mailto:[email protected] PGP fingerprint: CFEA 3B9F 9D8E B52D BD3F 7AF6 1C16 A70A F92D 28F5 _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
