Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Request for comments - a #CryptoParty-oriented keysigning protocol

Nick Daly nick.m.daly at gmail.com
Fri Aug 31 10:01:50 PDT 2012


On Fri, Aug 31, 2012 at 11:23 AM, Matt Mackall wrote:
>
> Not strictly related, but I've heard some rumblings lately about the PGP
> web of trust being harmful because it can expose activists' social
> networks.

A valid concern.  If you hate social graphs, don't publish your key
and ask that your signed key not be published.  However, it's much
more difficult to build a web then, as your local key copy is the only
updated copy.  You'd need to send your key to all the previous signers
every time your key was signed.

Of course, the comparative difficulty between the two methods varies,
based on how often people pull updated keys from keyservers.  If none
of your key signers ever pulls your updated key, publishing keys is
kinda silly.



More information about the liberationtech mailing list