[Enigmail] From Circumvention

Ludwig Hügelschäfer ludwig at enigmail.net
Thu Mar 5 07:42:42 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 04.03.15 23:33, Rainer Blome wrote:
> Am 04.03.2015 um 13:18 schrieb Patrick Brunschwig:
>> We could also implement something like an automatic monthly
>> check of all keys on keyservers.
> 
> Would this amount to sending your "PGP address book" to the key
> server? That is something some might want to avoid.

The keyserver would be requested for every key in your keyring - of
course not for those which are already revoked.

> At the least, a keyserver should only be polled for those keys
> that were obtained from it. Is this information available in the
> key ring?

Do you mean, that keys should only be requested from the server it was
initially pulled from? No, this is not possible, as this information
is not stored. Also, I cannot see any advantage in doing this.

> An alternative would be a way to ask a server for "all key updates 
> since X", sort of a "key stream"... which would be perfect for 
> email address harvesting - bad idea.

Also, this would be VERY much data. This would practically mean a DDoS
for the servers.

Ludwig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJU9/rhAAoJEDrb+m0Aoeb+JtYP/01Y/R/d388Cuv0+n1jniWE3
Yqd+bsew3ZsUi+ruJQ6Ll2fHt5BZzOeXhJ+TQeWsMdyGq82ng35vCNv8Ru/FQcgV
M5qfLmzT5xCFh4x+Jj3l7cj3Sep3uReCsvMGHoHyyWnCrhyBPdoJ9M8QuFEF9UQg
tHOTf2ASayNDFtVrmDDV+b2atoKPQZeaCQS619GL24JiJUfvcqHaAxuRNPP3Ru56
ntlnqcioc8YpcF7SuzFvZLiOSDQajkS6GiphFZqaMOWE/GQZsHfTtaJn9Omvvdrj
SE5u7YffddNC3yFOYQH8cY3kogzAXtwMp7wSxE21pl3GJq3fWuVpAeoNIztlUFWb
8HpBVyxToJGaVwDgzAHt8E2FwyXYu4ziLc+CYXFtsJT7/BHl/L/2UhI7UTTRyhVQ
n/xRlbPT3hg4K5wFKbxc+M18qOEtW5vhqdBzWknW4OuNgjtAAN4Cu6slY5vEXf3Z
pnLwBBt5k2CRP9qG8vdRUnrkTSNt40zhdi0p7GL1DiNc48IDzgSjMgyuVVcZ+Vgt
bBc0xE8/DoYwKc/eFZuGCuWz4UydlKVnTGIbe4Mg2Ch2GGMBWTGL/cqF9KYEvLOb
Mp3ug70jzsOd7+BxPmSjXKr45ZEdV5NL2KhlAiHFgLTlAlJqJmQAolc6QOh2eDm/
C33DjQwJPKN+u7ZetHF0
=tr5g
-----END PGP SIGNATURE-----



More information about the enigmail-users mailing list