Robert J. Hansen rjh at sixdemonbag.org wrote on Tue Jan 16 17:42:29 CET 2018:

...

>> The mechanism to prove you are the owner of a public key is pretty much
>> in place :-). A mechanism where you can have a signed statement saying
>> "on 2018-01-16, I allow my key to show up on keyservers"

>It is theoretically and practically possible to have a keyserver that
>honors such requests, but what many people want is *enforcement*. Not
>merely a voluntary system that's trivially circumventable, but some
>mechanism by which their public keys can be actively kept out of
>circulation.

=====

It could be done automatically by the keyservers if they wanted to,
and if they made it so that *the only way* a public key can be uploaded
to that keyserver is if it were accompanied by a signed statement by
that key, stating "I allow my key to show up on keyservers".

Ideally, if this could be done by gnupg by editing the key,
much the same as editing an e-mail address,
it would streamline the process;

i.e. something like this:

    gpg --edit-key foo

    ...
    Secret key is available.
    ...
    [ultimate] (1). foo <f...@key.test>

    gpg> --allow-keyserver-publication

    gpg: This requires you to sign that you allow keyserver publication of your key,
    and will be added as a comment to your key.
    Do you really want to do this? Y/N

    gpg: Please enter passphrase to sign

    gpg: your key now has a comment "Keyserver Publication Allowed"
    gpg: you may upload this key to any participating keyserver

or something along those lines, assuming that keyservers will abide by this
and require this 'comment' before accepting a key.

vedaal
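One way a participating keyserver could check the rule proposed above, as an added example that is not part of the original message and not GnuPG or keyserver code. It assumes the consent travels as a separate clearsigned statement next to the key, rather than as the in-key comment the post suggests; the function names and the sample identity are assumptions.

```sh
#!/bin/sh
# Added illustration, not GnuPG or keyserver code. The consent wording comes
# from the post; function names and the sample identity are assumptions.
CONSENT='I allow my key to show up on keyservers'

# make_submission UID TEXT DIR: build what an uploader would send, a public key
# (DIR/key.asc) and TEXT clearsigned by that key (DIR/consent.asc).
make_submission() (
    home=$(mktemp -d) && mkdir -p "$3" || exit 2
    export GNUPGHOME="$home"
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "$1" default default never 2>/dev/null &&
    gpg --batch --armor --export > "$3/key.asc" &&
    printf '%s\n' "$2" | gpg --batch --pinentry-mode loopback --passphrase '' \
        --clearsign > "$3/consent.asc" 2>/dev/null
    rc=$?
    gpgconf --kill all 2>/dev/null; rm -rf "$home"
    exit "$rc"
)

# accept_upload KEY STATEMENT: keyserver-side gate. Succeeds only when STATEMENT
# carries a valid signature by the submitted key itself and contains CONSENT.
accept_upload() (
    home=$(mktemp -d) || exit 2
    export GNUPGHOME="$home"
    rc=1
    # Throwaway keyring holding only the submitted key, so no other key can vouch.
    if gpg --batch --quiet --import "$1" 2>/dev/null; then
        keys=$(gpg --batch --with-colons --list-keys 2>/dev/null)
        key_fpr=$(printf '%s\n' "$keys" | awk -F: '$1 == "fpr" { print $10; exit }')
        # --decrypt verifies a clearsigned file and writes out the signed text.
        gpg --batch --status-fd 3 --output "$home/text" --decrypt "$2" \
            3> "$home/status" 2>/dev/null
        # Last VALIDSIG field: fingerprint of the signer's primary key.
        sig_fpr=$(awk '$2 == "VALIDSIG" { print $NF; exit }' "$home/status")
        if [ "$(printf '%s\n' "$keys" | grep -c '^pub:')" = 1 ] &&
           [ -n "$key_fpr" ] && [ "$sig_fpr" = "$key_fpr" ] &&
           tr -d '\r' < "$home/text" | grep -qxF "$CONSENT"; then rc=0; fi
    fi
    gpgconf --kill all 2>/dev/null; rm -rf "$home"
    exit "$rc"
)

# Run as "sh script.sh demo" to generate a constructed key and test the gate.
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d)
    make_submission 'Alice Example <alice@example.test>' "$CONSENT" "$d" &&
    accept_upload "$d/key.asc" "$d/consent.asc" && echo 'upload accepted'
    rm -rf "$d"
fi
```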