Jump to content
Not connected, Your IP: 3.15.239.145
ravenheart

Public Keyservers, Yes or No?

Recommended Posts

never thought to much about it before but ready to make keys for a new email acct and was just curious if there are any real pros or cons? I guess am not to terribly worried about publishing it, it may even up on my blog for contacting me but still,  anyone have thoughts?

 

Also, if I use an email aliases for the key, would it still be ok once it arrives in the main, actual address?

Share this post


Link to post
Guest

there aren't really many cons unless you put your real name and such on the key, just make a revoke certificate that you can use if the need arise.

 

And yes you can use e-mail aliases and read it just fine when it arrives, but it highly depends whether you use your own decryption or your e-mail service does it for you, sometimes they might read for the e-mail on the private key and other times if you provide the public key to a service they might read the e-mail it's for too.

Share this post


Link to post

there aren't really many cons unless you put your real name and such on the key, just make a revoke certificate that you can use if the need arise.

 

And yes you can use e-mail aliases and read it just fine when it arrives, but it highly depends whether you use your own decryption or your e-mail service does it for you, sometimes they might read for the e-mail on the private key and other times if you provide the public key to a service they might read the e-mail it's for too.

 thanks for the reply,  yes this is for a pop3 acct of mine  not an encrypted webmail service like some of those are,  so I thiink I should be fine then if I use an alias in the key and then also create a revoke cert as well, I'm trying to move away from those encrypted webmail accts so that I can control the encryption myself, call me a control freak

Share this post


Link to post
Guest

 

there aren't really many cons unless you put your real name and such on the key, just make a revoke certificate that you can use if the need arise.

 

And yes you can use e-mail aliases and read it just fine when it arrives, but it highly depends whether you use your own decryption or your e-mail service does it for you, sometimes they might read for the e-mail on the private key and other times if you provide the public key to a service they might read the e-mail it's for too.

 thanks for the reply,  yes this is for a pop3 acct of mine  not an encrypted webmail service like some of those are,  so I thiink I should be fine then if I use an alias in the key and then also create a revoke cert as well, I'm trying to move away from those encrypted webmail accts so that I can control the encryption myself, call me a control freak

 

Yeah I been working on setting up my own server instead. Highest level of control in my opinion  Dovecot with postfix and sieve rules does the job nicely but seems spam lists don't like Residential IPs sending e-mails.

Share this post


Link to post

Set one up with digital ocean,

Mailinabox and let's encrypt ssl. It was fun it cost me 1.06 for the .xyz domain and whatever digital ocean is going to change me for the month of usage.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

Share this post


Link to post
Guest

Set one up with digital ocean,

Mailinabox and let's encrypt ssl. It was fun it cost me 1.06 for the .xyz domain and whatever digital ocean is going to change me for the month of usage.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

 

Nah I have my own servers, and mailinabox don't have PGP encryption. Plus digital ocean is VPS servers, no thank you lol I go with dedicated servers. Plus the way I see it with a VPS and mailinabox you might as well use gmail with mailvelope..

 

EDIT: I just went to check on their pricing 20$ a month with them for 2GB / 2 CPU (which I'm quite sure just means how many cores the VPS gets) 40GB SSD space and 3TB transfer. Where for 20$ on a dedicated server if you take some hardware that has a bit of mileage you can get 4 cores, 1000GB SSHD space, 4GB RAM, Unmetered. Much more for the money of course you don't get the ability to reinstall within a minute, but if you use it as mailserver... that's HIGHLY counter productive to reinstall it.

Share this post


Link to post

 

Set one up with digital ocean,

Mailinabox and let's encrypt ssl. It was fun it cost me 1.06 for the .xyz domain and whatever digital ocean is going to change me for the month of usage.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

 

Nah I have my own servers, and mailinabox don't have PGP encryption. Plus digital ocean is VPS servers, no thank you lol I go with dedicated servers. Plus the way I see it with a VPS and mailinabox you might as well use gmail with mailvelope..

 

EDIT: I just went to check on their pricing 20$ a month with them for 2GB / 2 CPU (which I'm quite sure just means how many cores the VPS gets) 40GB SSD space and 3TB transfer. Where for 20$ on a dedicated server if you take some hardware that has a bit of mileage you can get 4 cores, 1000GB SSHD space, 4GB RAM, Unmetered. Much more for the money of course you don't get the ability to reinstall within a minute, but if you use it as mailserver... that's HIGHLY counter productive to reinstall it.

if you dont mind sharing where you can get that kind of a server. I just used DO to learn since I cannot use my isp to run a mail server from home. 

Share this post


Link to post

Many public keyservers do not work in certain situations many of us here will encounter regularly. But attaching your public key to an unencrypted message is not hard, and the added security of being your own exclusive keyserver is unbeatable for the little issues you avoid.

 

For people you know in real life, just give them a cheap USB flash drive with the public key and a preconfigured e-mail client to use it once they make their own key. They can always copy your public key, and you will not care if the whole Internet has it. You simply cannot beat this option for making things really, really simple.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

Public keyservers are good as long as you don't require plausible deniability.

In any case, I suggest you to look at the https://keybase.io project, they seem

to figure the trust key part all over the internet in a very user-friendly manner.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...