At 02:22 AM 7/21/2013, Eugen Leitl forwarded: (somebody's, probably Micah's, excellent note on problems with incorrectly trusting key servers, especially the MIT one.)
1. no, I didn't do that, nor did I upload the edward snowden or bradley manning keys.
If nobody's uploaded fake Edward Snowden or Bradley Manning (or, more seriously, Glenn Greenwald) keys to the MIT key server yet, then there are a bunch of trolls who have really been slacking off on their jobs. They don't call it the Keyserver of a Million Lies for nothing. The usability of the Web of Trust as a set of connection metadata is potentially a serious problem - you want your friends to be able to verify your keys, but if your connections are as important as your messages, there's a lot to be said for handing out business cards with your key fingerprints on them.