On 22.05.18 21:44, Vincent Breitmoser wrote: [...] > My personal conclusion is that keyservers that support user id packets are, > quite simply, incompatible with GDPR law. Has anyone else thought about this? > It's fairly unlikely that there will be actual consequences since keyservers > aren't widely used, but running a keyserver on this assumption is hardly > reassuring.
There are actually two different types of keyservers, which should be clearly distinguished. 1. the pool of SKS keyservers: as anyone can upload anybody's key, and as it does not allow to delete keys, it's IMHO by not compatible with GDPR. 2. other types of keyservers like the run by Mailvelope (and possibly others that I don't know of), that verify the keys they receive and allow to delete keys, are compatible with GDPR, or can be made compatible easily. -Patrick _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
