[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

From: Jeremy T. Bouse
Subject: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Date: Sat, 14 Jul 2018 10:38:31 -0400
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 7/14/2018 9:42 AM, Hendrik Visage wrote:

On 14 Jul 2018, at 13:04 , Gabor Kiss <address@hidden> wrote:

Then let's drop keys that don't contain a valid email address in the key id.

How do you propose to validate the email address?

(Hint: this is a surprisingly hard problem.)

See also "web of trust" and "strong set".
Addresses should/can be checked by humans worldwide who sign/certify the key.

I’ve been trying to get mine “signed” by Web-Of-Trust for years now… also not that “easy” ;(

    Find a local Debian Developer... Most of the Debian Developers are part of the strong set and they're all over the globe.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]