[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Keyservers and GDPR
|
From: |
Patrick Brunschwig |
|
Subject: |
Re: [Sks-devel] Keyservers and GDPR |
|
Date: |
Wed, 23 May 2018 11:07:10 +0200 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.0 |
On 22.05.18 21:44, Vincent Breitmoser wrote:
[...]
> My personal conclusion is that keyservers that support user id packets are,
> quite simply, incompatible with GDPR law. Has anyone else thought about this?
> It's fairly unlikely that there will be actual consequences since keyservers
> aren't widely used, but running a keyserver on this assumption is hardly
> reassuring.
There are actually two different types of keyservers, which should be
clearly distinguished.
1. the pool of SKS keyservers: as anyone can upload anybody's key, and
as it does not allow to delete keys, it's IMHO by not compatible with GDPR.
2. other types of keyservers like the run by Mailvelope (and possibly
others that I don't know of), that verify the keys they receive and
allow to delete keys, are compatible with GDPR, or can be made
compatible easily.
-Patrick