> My personal conclusion is that keyservers that support user id packets are, > quite simply, incompatible with GDPR law. Has anyone else thought about this?
I did. I agree with you. > From the view of an app, the GDPR requires "privacy by design" and "privacy by > default". This conflicts with a workflow that asks the user for their email > address and name, and then irremovably uploads this information to a public > listing. On the other hand, it can be argued that this is a tool that only > does > what the user asks it to do, the decision and responsibility lies with the > user. Except his/her name and e-mail address is uploaded by someone else. (With a fake key of course.) Gabor _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel