#186 prevent users from uploading public keys of others to key servers, if the key does not exist already on the key servers - GPG Keychain Access

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#186 ✓released

prevent users from uploading public keys of others to key servers, if the key does not exist already on the key servers

Reported by Luke Le | August 15th, 2013 @ 07:49 PM | in 1.4 (closed)

The problem is, that some people don't want to have their keys exposed on key servers,
mostly due to spam issues, but often based on privacy needs.
Now if a user were to sign public key of another user, they would have to upload
the public key to a key server, so the signature is visible and available to others.
If a public key is however not yet on a key server, GPG Keychain should explain that that's the
case and a local signature should be created automatically.

Comments and changes to this ticket

steve December 17th, 2014 @ 11:59 AM
- Title changed from “GKA should prevent users from uploading public keys of others to the key server, if the key is not already on one” to “prevent users from uploading public keys of others to key servers, if the key does not exist already on the key servers”
- Tag set to “keyserver”
steve May 8th, 2017 @ 05:59 PM
- Milestone changed from “1.1” to “1.4”
Discussed w Mento. Conclusions:
1. Not allow pub key upload at all, when pub key is not on key servers.
2. Signatures are not required to be local and will remain unaffected by this check.
Support May 10th, 2017 @ 11:25 AM
- State changed from “new” to “fixed”
- Assigned user set to “Mento”
(from [26d9d474b5147f46d56b49717ce1b672e659af95]) Upload reworked.

Add success dialog.
[#405 state:fixed assigned:mento] Prevent unwanted upload of keys from others.
[#186 state:fixed assigned:mento] https://github.com/GPGTools/GPGKeychainAccess/commit/26d9d474b5147f...
steve May 10th, 2017 @ 07:37 PM
- State changed from “fixed” to “verified”
- Tag cleared.
10.12.4
2017-05-10 GPG Suite 2017.1 (1856n)

verified
steve September 25th, 2017 @ 05:04 PM
- State changed from “verified” to “released”
[bulk edit]

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.