[messaging] Thoughts on keyservers

Tom Ritter tom at ritter.vg
Thu Aug 28 11:35:44 PDT 2014


On 28 August 2014 10:33, Alaric Snell-Pym <alaric at snell-pym.org.uk> wrote:
> Yes; providing security against plagiarism is another interesting topic
> - and pretty tricky when the plagiarist is a MITM :-) If not, then
> plagiarism can often be at least detected after the fact, by the
> original turning up as well as the plagiarised version, or the original
> author seeing their own content with another's signature on it. In
> practice, we can reduce the impact of plagiarism on
> crypto-identity-theft by making an effort to use the same
> crypto-identity (or linked crypto-identities) in lots of different
> environments, to make it hard to MITM them all. I use the same GPG key
> to post stuff here and to sign various things on
> http://www.snell-pym.org.uk/alaric/ (including references to other keys
> I hold), and for other mailing lists and public mails, for instance -
> from a variety of Internet connections.


Or by timestamping.  Blockchain if you're set up to do that, CA
timestamping if you're rich, hashes on twitter if neither, or a
Merkle-Tree log in the future.  If you're worried about plagiarism,
you timestamp your content, and challenge anyone plagiarizing it to
produce a timestamp prior to yours.  (Of course this works better if
whoever consumes content from you is trained to expect it to be
timestamped.)

-tom


More information about the Messaging mailing list