[Enigmail] From Circumvention

Ralph Wozelka ralph at wozelka.at
Thu Mar 5 16:51:35 CET 2015


On 2015-03-05 14:51, Stefan wrote:
> Hi,
> 
> Am 05.03.15 um 07:42 schrieb Ludwig Hügelschäfer:
>> On 04.03.15 23:33, Rainer Blome wrote:
>>> Am 04.03.2015 um 13:18 schrieb Patrick Brunschwig:
>>>> We could also implement something like an automatic monthly
>>>> check of all keys on keyservers.
>>
>>> Would this amount to sending your "PGP address book" to the key
>>> server? That is something some might want to avoid.
>>
>> The keyserver would be requested for every key in your keyring - of
>> course not for those which are already revoked.
> 
> I think was Rainer means is the fact that requesting updates from every
> key in your keyring would show the keyserver admin and everyone on the
> probably unsecured connection which keys are in your keyring.

that would become less severe if one used a TLS channel via hkps://
the server admins would still see your complete keyring, though.

my2cents
ralph


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150305/9e5972e0/attachment.sig>


More information about the enigmail-users mailing list