[liberationtech] Interesting things in keyservers
Bill Stewart
bill.stewart at pobox.com
Sun Jul 21 21:47:51 PDT 2013
At 02:22 AM 7/21/2013, Eugen Leitl forwarded:
(somebody's, probably Micah's, excellent note on problems with
incorrectly trusting key servers, especially the MIT one.)
> > 1. no, I didn't do that, nor did I upload the edward snowden or
> bradley manning keys.
If nobody's uploaded fake Edward Snowden or Bradley Manning (or, more
seriously, Glenn Greenwald) keys to the MIT key server yet, then
there are a bunch of trolls who have really been slacking off on
their jobs. They don't call it the Keyserver of a Million Lies for nothing.
The usability of the Web of Trust as a set of connection metadata is
potentially a serious problem - you want your friends to be able to
verify your keys, but if your connections are as important as your
messages, there's a lot to be said for handing out business cards
with your key fingerprints on them.
More information about the cypherpunks
mailing list