[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Hiding revoked keys in generated webpages
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] Hiding revoked keys in generated webpages |
|
Date: |
Wed, 25 Jan 2017 20:25:04 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 |
On 01/25/2017 08:20 PM, Gunnar Wolf wrote:
> Hi,
>
> I know this is most likely undoable (unless I do some ugly
> post-parsing to the HTML before sending it to the user), but I'll ask
> anyway: I just sent another message "motivated" by the Evil32
> keys. This one follows the same motivator.
>
> Users of SKS are generally not interested in revoked keys. I would
> like to have an option for hiding (or at least styling — Both could be
> achieved by CSS) revoked keys from the listing. Unfortunately, the
> listing is not generated from a template (as the index is), but
> hardwired in the source, in htmlTemplates.ml
no cryptographic verification is done by the keyserver, this opens up a
denial of service whereby a non-valid revocation certificate is uploaded
to the keyserver. Users should download the keys and verify the
self-signatures using local software.
>
> Now, speaking as a complete OCaml non-user, would the developers be
> interested in me patching this file to generate a more CSS-friendly
> output? Or is there any other way to achieve what I'm looking for?
I don't really like people browsing the keyservers by hand without
understanding the implications to begin with, making it more "user
friendly" seems counter intuitive in that context.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Docendo discimus
We learn by teaching
signature.asc
Description: OpenPGP digital signature