> On 14 Aug 2019, at 23:38, Daniel Clery <d...@savevsgeek.com> wrote:
> 
> If the keyserver implemented a signer blacklist, (which would scrub the 
> blacklisted signature from any current or incoming public keys), what 
> consequences am I missing?

This is known as “enumerating badness” and it doesn’t scale. You would only be 
able to identify a bad actor after its actions are noticed - by a human being. 
Also, if thousands of separate keys have signed another key, making it 
unusable, how do we decide which of those thousands of keys are legit and which 
the bad actors? Generating lots of keys on modern hardware is not difficult. 

A
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to