Bill Woodcock wrote on 7/27/11 10:21 AM: > I'm always stumped when people to go to extreme lengths to keep > their public keys from being public… Is it because they're worried that the > public key being exposed will lead to someone brute-forcing their > private key eventually? > > -Bill
Hi Bill, I want to avoid what has already happened to me not long ago: someone that I don't know personally, have never met, have no idea who she/he is signed my key with an exportable signature, and without any further ado, uploaded my key to a keyserver. I never invited this person to sign my key. I knew about the unrequested signature only when I performed an occasional check. I have generated a new key, which I have sent directly to users whom I know will respect etiquette. I haven't yet revoked that signed key, but I don't use it, and at sometime in the near future I shall revoke it. Other than that, you're perfectly right, a public key should be uploaded to a keyserver. But it remains the key's owner privilege to do so or not. Charly _______________________________________________ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
