-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 One possibility would be to have the keyserver sort by the time the key was first seen. That way, there'd be a slightly lower chance of getting an impostor's key. Going by the creation date is not very useful, since impostors could create their key with whatever creation date they like. It would still be insecure without fingerprint verification, but it would perhaps provide a modicum of security. -----BEGIN PGP SIGNATURE-----
iF4EARYIAAYFAlfcU0MACgkQN7lQes/yAW5deAD7B0tNzA2BH99qVWvpllWCXP+I Wye6DpjVO+SedSPDwOABAPJoq+x6bepsME8wnvHq5wkaFxJT+hCVkcmzissRoeMK iF4EAREIAAYFAlfcU0QACgkQa46zoGXPuqlsWQD7BiQuUWAqUr7/ueLjwTKoCTKC 32+/S81Tyl5V7rFp9TYA/1Hjk8kfgVnGdVBwf6RROsOm7Ai4nE+f7xZx+4TcFAqt =SQiM -----END PGP SIGNATURE----- _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel