How secure are the GPG/PGP keyservers?
Importing a GPG key with a KeyID or fingerprint seems to rely on keyservers. Doesn’t this invite man-in-the-middle attacks, in which someone would alter the keys to allow them to decrypt the data? What measures are in place to prevent this…