On Fri, Aug 31, 2012 at 11:23 AM, Matt Mackall wrote: > > Not strictly related, but I've heard some rumblings lately about the PGP > web of trust being harmful because it can expose activists' social > networks.
A valid concern. If you hate social graphs, don't publish your key and ask that your signed key not be published. However, it's much more difficult to build a web then, as your local key copy is the only updated copy. You'd need to send your key to all the previous signers every time your key was signed. Of course, the comparative difficulty between the two methods varies, based on how often people pull updated keys from keyservers. If none of your key signers ever pulls your updated key, publishing keys is kinda silly. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
