ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: openpgplint: encouraging best practices for OpenPGP keys today

2009-06-12 00:17:11
from [David Shaw] [Permanent Link] 

On Jun 11, 2009, at 11:19 PM, Daniel Kahn Gillmor wrote:


I should note that i'm a bit confused about the keyserver-no-modify
flag. recent versions of GPG seem to set it by default. But the spec says: 

 http://tools.ietf.org/html/rfc4880#section-5.2.3.17
the key holder requests that this key only be modified or updated 
      by the key holder or an administrator of the key server.

And yet, i can upload gpg-created keys to keyservers with no warnings
(whether or not i hold the secret key) and the keyservers accept them
anyway.
The keyserver no-modify flag is effectively a no-op. GPG lets you set or unset it, but since no keyserver actually looks at it, the flag isn't all that useful. 

David
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: openpgplint: encouraging best practices for OpenPGP keys today, Daniel Kahn Gillmor
Next by Date:  how to respect keyserver no-modify ? [was: Re: openpgplint], Daniel Kahn Gillmor
Previous by Thread:  Re: openpgplint: encouraging best practices for OpenPGP keys today, Daniel Kahn Gillmor
Next by Thread:  how to respect keyserver no-modify ? [was: Re: openpgplint], Daniel Kahn Gillmor
Indexes:  [Date] [Thread] [Top] [All Lists]