Steven W. Orr wrote: > On 07/13/09 14:21, quoth Mikkel L. Ellertson: > >> You know, there is a simple fix to this - someone that has G's >> public key could upload it to a keyserver. <evil>Now, if someone >> wanted to be nasty, they could upload a fake public key with his >> email address. Then if there is anything to SPAMmers mining the >> keyservers for e-mail addresses, the would get the flood of SPAM >> anyway.</evil> > > Two wrongs don't make a right. Another established part of the etiquette is to > never upload someone else's key without explicit permission. Lots of > keyservers don't do subkeys and you don't really have the implicit permission > to overwrite signatures on those machines. To do so would be at least as rude > as not publishing a public key that's needed to verify a signature in a public > mailing list. > If your mail setup is anything like mine, there is an option to upload public keys. While I am fairly sure I wouldn't make the mistake of uploading his key, I can see it happening. Because I do not have his public key, at least I can not be blamed for doing it. As far as uploading a fake key, will interesting to contemplate, I wouldn't actually do it. I am just a bit more responsible that that. Though I am starting to wounder why I adhere to proper net etiquette. It seams like fewer people are following it, and if you point out proper net etiquette, you get branded a LIST NAZI or TOP POSTING NAZI. I guess it is a crime to ask others to be polite and follow community guidelines. My post was half serious, half joking. Kind of a hint about where throwing out net etiquette can lead. After all, if all of us decided that net etiquette didn't apply to us, then behavior I posted would be just as acceptable as G's. Mikkel -- Culture dies when you can't see it, build on it, be affected by it, share it with your friends.
Description: OpenPGP digital signature