[liberationtech] Request for comments - a #CryptoParty-oriented keysigning protocol
Nick Daly
nick.m.daly at gmail.com
Fri Aug 31 10:01:50 PDT 2012
On Fri, Aug 31, 2012 at 11:23 AM, Matt Mackall wrote:
>
> Not strictly related, but I've heard some rumblings lately about the PGP
> web of trust being harmful because it can expose activists' social
> networks.
A valid concern. If you hate social graphs, don't publish your key
and ask that your signed key not be published. However, it's much
more difficult to build a web then, as your local key copy is the only
updated copy. You'd need to send your key to all the previous signers
every time your key was signed.
Of course, the comparative difficulty between the two methods varies,
based on how often people pull updated keys from keyservers. If none
of your key signers ever pulls your updated key, publishing keys is
kinda silly.
More information about the liberationtech
mailing list