[Sks-devel] Re: Dump

[R P Herrold]

On Thu, 14 Oct 2010, Robert J. Hansen wrote:

> On 10/14/10 10:07 AM, R P Herrold wrote:
> > Trimming away and ignoring clearly stated questions to reframe away hard
> > parts is a common 'debate society tactic' -- engage or be ignored
>
> This has become tedious.  Rather than answer my questions, you accuse me
> of engaging in cheap theatrics and attempt to claim some kind of moral
> high ground.

Review the bidding.  I rather believe you initiated the 
uncivil tone, and I have been mild in reply:

Hansen:
> herrold:
> > and [impairing] the privacy of a whole community's members
> This is nonsense.

and an EOM.  I think that qualifies as rude.  I am pretty sure 
I have not 'claim some kind of moral high ground', but rather 
characterized your selective quotation as not fairly done


The only question I see that you have asked of me was the 
following ...

> > > (b) people who upload their certificates to servers willingly accept
> > > the risk of their email address being public in exchange for the
> > > benefit of having their certificates being easily findable -- and who
> > > are you to say their wishes should be ignored?
> >
> > 'There you go again' Clearly a false generalization.

This was a strawman you framed (and a false one at that).

I have never suggested imparing one off queries.  As you 
suggest that it is common knowledge that easy ** bulk ** 
availability (I went through 'one off' vs. 'wholesale' before 
of course) of the entire corpus is something to have expected, 
would you mind pointing me to a URL to that effect?

I have certainly NEVER consented to, nor uploaded any data to 
a SKS keyserver, and yet I find my details there


As to unanswered questions from me, they remain open:

> Please explain how adding to that pool of bad actors by 
> providing ready access to a frequently updated corpus is a 
> win

and

> Why facilitate casual exploitation?


At the onset I suggested that this was a misapplication of a 
capability, to impair quanta of privacy (expected or not, 
abused or not) by removing a technical barrier than acts as a 
dike to stop all but the taller waves from flooding an area

In looking at the archive I see 191 *.pgp files each 22M big 
(roughly 4 gig of data) it seems and in excess of 2 million 
email addresses from prior comments in this thread -- When 
dealing with the MIT keyserver and the PGP keyserver before 
that, I am substantially certain that I was not provided 
notice of collection and possible reuse along the lines of the 
EU Data Privacy Directive.  There is no right to correct nor 
delete data, from the example thread I cited

I remain unconvinced that making 'voracious and wholesale' 
data collection simple and efficient through anonymous FTP 
from a Eurpoean site is a sound idea.  If the US had 
functional data privacy laws, I would make the same suggestion 
as to a US site

Convince me that helping chip away at privacy by making a 
realtively hard to gather mass anonymously available to more 
is a social good, with more than dismissive rhetoric, if you 
believe such a case exists

-- Russ herrold