Moritz' webpage/ KeySelectorsVsMultikeys

Key-selectors vs. Multikeys, or: why key-selectors are simply better than Multikeys


My first hack for a client-side implementation of secured mailing lists was the Multikeys-patch for GnuPG. When I wrote that patch, I was quite happy with it. Now I have realized that the Multikeys approach is not really that great. My key criticism is easy to summarize:

Mailing list membership is not kept secret. The list key holds key references to the members' keys. These key references, implemented as plaintext user-id entries, are readable by everybody who has access to the list key. It gets worse: we are talking about the public key. Public keys are - by definition - public. They are to be treated this way - thus they can leak very easily, for example out to the keyservers. Mailing list membership is something that not everybody should be able to dig into, which makes it a really bad idea to attach such sensitive information to a public key.

...