[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sun, 09 Dec 2007 23:02:28 +0000 tom <tombrough@xxxxxxxxxxxxxxxx> wrote: > However one thing intrigues me ... your key is signed by many people, so > if I retrieve all their keys from the key server then I will have all > their email addresses. Is this not a way for spammers to build up large > databases of email address ? Spammers are lazy. There are far easier ways of harvesting email addresses. Plus the email addresses in key UID's are usually "public" anyway - used on websites, on mailing lists, status pages, etc.etc. There is no sense in trying to hide from spammers. You do need an email address in the key if you want your key signed. Many people will not be able to sign a key that does not have a direct link to an email address because verifying the email address by encrypted email is an important component of tying the key to a physical person. See the keysigning guide. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpEBOKk7Xlfx.pgp
Description: PGP signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html