On Sun, 17 May 2020 10:48, Vincent Breitmoser said: > 1. Without consent, we don't distribute email addresses.
And by that changing the distributed system of keyservers into a centralized key database like PGP tried this with their Universal Server. Which unavoidable will change OpenPGP to a centralized systems. If you want that use X.509 or to get complete centralization use Signal. > 2. We want to distribute revocations and subkey updates regardless. Go readup on the failures and impracticalities of CRLs and OCSP. > GnuPG upstream rejects such updates. Conretely, if you hand a primary > key with only a revocation signature to GnuPG, it will parse the > revocation, verify that it is cryptographically valid, and then throw There is a simple reason for that: You don't want to type in an entire keyblock in the case you need to revoke your key and you only got the printout of the revocation certificate. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users