Keyservers and Spam

Jill.Ramonsky at Aculab.com Jill.Ramonsky at Aculab.com
Mon Jun 9 11:57:07 EDT 2003


Ah, but surely there's a problem with this idea? If you communicate with me
in the clear, you will know my email address to be
"Jill.Ramonsky at Aculab.com". If you hit the reply button following a
communication with me, your message will reach me. BUT - if you then decide
that you want to communicate with me securely, your first action would
presumably be to look up "Jill.Ramonsky at Aculab.com" on a keyserver. It will
not be found, because it won't be there, so you will assume that I'm not
PGP-savvy, and not bother. (Or at least, I'm guessing some people might).

Unless (and I'm hoping someone will confirm or deny this) there is some way
to configure things so that if one looks up "Jill.Ramonsky at Aculab.com" on a
keyserver then what would be returned would be my SECURE email address, not
my insecure one. Is this possible?

My first thought is to generate a new (secure) email address which includes
the old (insecure) address as a substring (for example
"PGP.Jill.Ramonsky at Aculab.com"). Will this work? I don't know enough about
keyservers to know the answer to that one.

Oh yes - one last question... You said "but as a private individual the
volume is not going to be crippling". Roughly how much volume are we talking
about here?

Jill



-----Original Message-----
From: Peter Clay [mailto:pete at flatline.org.uk]
Sent: Monday, June 09, 2003 4:14 PM
To: Jill.Ramonsky at Aculab.com
Cc: cryptography at metzdowd.com
Subject: Re: Keyservers and Spam


On Mon, 9 Jun 2003 Jill.Ramonsky at Aculab.com wrote:

> Hi,
>  
> It seems to me that the possibilty that spammers might harvest PGP
> keyservers for email addresses is a serious disincentive to using
> keyservers. Does anyone have any thoughts on this?

Solution: Have two addresses, a "secure" and "non-secure" one. Discard
all mail to the secure one that's not encrypted. OK, so you have to
process and discard it, but as a private individual the volume is not
going to be crippling.

Pete
-- 
Peter Clay                                         | Campaign for   _  _|
.__
                                                   | Digital       /  / | |
                                                   | Rights!       \_ \_| |
                                                   | http://www.ukcdr.org

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list