If your question isn't answered here, feel free to contact the author, Henk Penning.
- frequently asked questions
- why do you publish my email address ?
- can you remove my email address from your pages ?
- why not mangle the email addresses ?
- why not hide the email addresses entirely ?
- infrequently asked questions
- where does the data come from ?
- how fresh is the data ?
- why are some signatures missing ?
- what's wrong with short (8-digit) key-id's ?
There are really only a few frequently asked questions, all related to email addresses.
This question was asked once or twice a week. I got fed up with it and substituted@ → .at.in every uid.
After the change, the questions stopped ; the spambots didn't.
Hmm... You can do it yourself. The uid shown is the uid with the most recent self signature. To hide your email address, add a uid without one, and/or make sure it is selfsigned last.
The only system that really works is : don't show email addresses. Any other system can (and will) be broken by spambots.
Fighting spambots is a lost battle ; fighting spammers is winnable, and a lot more fun.
I hate spam, but I don't believe in hiding email addresses.
My various email addresses appear on countless many web pages. A lot of spam is stopped by our MTA (postfix) ; the rest is filtered out by spamassassin ; I see some 10 spams a day ; they are fed to spamassassin's learn, and I never see them again.
- hiding is boring
- it should be easy to contact me for feedback, idea's etc
- hiding only works if it is 100 percent successful ; it sets limits to what you can do
- fighting spam is better than hiding from it
Removing 10 spams a day is all it costs me to get the freedom to publish my email addresses everywhere I like. Small loss, big gain.
Before februari 2012, the data was provided by Jörgen Cederlöf & Patrick Feisthammel. Jörgen Cederlöf runs the web of trust statistics and pathfinder (wotsap) project. Among other things, each day a fresh .wot file was published in an archive. Each wot contains
In december 2012, Christoph Egger announced he will provide a fresh wot weekly ; great news!
- the key-id's of the pgp keys in the strong set.
- for each key, the most recently selfsigned uid.
- for each key, a list of keys that signed the key
- for each signature, some trust info
Starting april 2017 data is extracted weekly from the surfnet.nl keyserver.
Near the bottom of each stats and paths page, you will find the date/time when the data was last refreshed.
Sometimes the keyserver where the strong set is extracted is not entirely up-to-date. You can lookup your own key (or any other public key) and submit it again.
The keyserver is talking with other keyservers, exchanging info on inserts/deletes of public keys and signatures.