On 7/12/2009 3:03 AM, Tim wrote: > On Sat, 2009-07-11 at 23:38 -0400, David wrote: >> My 'problem' is with the 'not publish the Public Key' thinking. >> >> Can you explain his thinking on that? > > I already did, two messages back: > > "There are spammers which just leech new addresses off PGP (key) servers > as they arrive, and immediately spam you. And if you had more than one > address on the key, they spam each of them. > > "I removed some addresses from a key, and the next set of spam only > spammed the current set of addresses on the key. That doubly proved the > point that some spammers regularly harvest the key servers. > > "And since many different key servers talk to each other, it doesn't > help you by deliberately choosing to only upload your key to a > particular server." > > i.e. Publish a key, and it immediately causes you to receive spam at any > and all addresses that key is associated with. > > It's been that way for at least ten years, that I've observed. And I > don't see it stopping. It's as bad as putting your email address on > your website. > That is odd. I have several keys that I use for different reasons. Three of them are posted to keyservers. I have one 'private' key certain people only have that is not. These four keys are used to sign and encrypt emails not just to sign emails posted on a public mailing list. The only spam I get comes to the address that I use to post to lists. I don't know about this list in particular but there are three others, they are 'related' to each other, that I know of for a fact. And I am suspicious of several others. But my original request was that if he is going to sign that he post the public key. Or not to sign and waste my time. When neither of those did not happen I used a somewhat more drastic method. -- David -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
