sks-devel

[Sks-devel] RFE: max-*-size and strip-photo-uids


From: Robert J. Hansen
Subject: [Sks-devel] RFE: max-*-size and strip-photo-uids
Date: Sun, 27 May 2012 07:10:03 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120428 Thunderbird/12.0.1

At present, there are no credible reports of the keyserver network being
used to distribute illegal data.  I'd like to repeat that: at present
there are *NO* credible reports of the keyserver network being used to
distribute illegal data.  Please don't think I'm crying that the sky is
falling, because it clearly hasn't fallen and we might go decades more
without the sky falling.

That said, the best time to prepare for a crisis is before the crisis hits.

I would like to propose two feature requests for SKS.  One (which I'll
just call the "max-*-size" feature request) will limit the maximum size
of a user ID, user attribute, subkey, signature, etc.: anything larger
than this will not be accepted into the database nor shared with clients
or other servers.  This will help prevent the network from being used to
distribute arbitrary binary data, although it could still be evaded by,
e.g., breaking a large binary into a bunch of signatures and placing
them on the certificate in order, so that they can be reassembled on the
other side.

The second (which I'll call the "strip-photo-uids" feature request) will
strip all photo UIDs regardless of size.  Again, this is not an ironclad
solution: dedicated malcontents will just encode their images some other
way.

*These feature requests have clear, obvious downsides.*  (Not the least
of which is they won't work particularly well.)  I don't believe either
of these features is ready for implementation, but I hope that if we
talk about it for a while we might be able to reach a better idea that
will more appropriately address our needs.
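
As an added illustration (not part of the original message and not SKS code), the following Python sketch applies both proposed filters to an RFC 4880 packet stream. The byte limits, the function names, the choice to treat every user attribute packet (tag 17) as a photo UID, and the choice to drop the signatures that follow a dropped packet are assumptions.

```python
SIG, UID, SUBKEY, UATTR = 2, 13, 14, 17   # RFC 4880 packet tags
# Hypothetical byte limits; the proposal names no values.
MAX_SIZE = {SIG: 4096, UID: 256, SUBKEY: 4096, UATTR: 8192}

def packets(data):
    """Yield (tag, body_length, raw_packet). Malformed input raises
    ValueError (IndexError if the header itself is cut short)."""
    i = 0
    while i < len(data):
        start, hdr = i, data[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                        # new-format header
            tag, o1 = hdr & 0x3F, data[i + 1]
            if o1 < 192:                      # one-octet length
                n, i = o1, i + 2
            elif o1 < 224:                    # two-octet length
                n, i = ((o1 - 192) << 8) + data[i + 2] + 192, i + 3
            elif o1 == 255:                   # five-octet length
                n, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body length not handled")
        else:                                 # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            w = 1 << ltype                    # 1, 2 or 4 length octets
            n, i = int.from_bytes(data[i + 1:i + 1 + w], "big"), i + 1 + w
        if i + n > len(data):
            raise ValueError("truncated packet")
        i += n
        yield tag, n, data[start:i]

def filter_cert(data, strip_photo_uids=True, limits=MAX_SIZE):
    """Return (kept_bytes, dropped); dropped lists (tag, body_length)."""
    kept, dropped, dropping = bytearray(), [], False
    for tag, n, raw in packets(data):
        bad = n > limits.get(tag, float("inf")) or (strip_photo_uids and tag == UATTR)
        if tag != SIG:
            dropping = bad    # signatures that follow share this packet's fate
        if bad or (tag == SIG and dropping):
            dropped.append((tag, n))
        else:
            kept += raw
    return bytes(kept), dropped

def pkt(tag, body):           # constructed new-format packet, five-octet length
    return bytes([0xC0 | tag, 0xFF]) + len(body).to_bytes(4, "big") + body

# Constructed certificate, dummy bodies: key, UID+sig, photo attribute+sig, oversize UID+sig
SAMPLE = (pkt(6, b"K" * 50) + pkt(UID, b"alice") + pkt(SIG, b"s" * 80)
          + pkt(UATTR, b"J" * 3000) + pkt(SIG, b"s" * 80)
          + pkt(UID, b"X" * 5000) + pkt(SIG, b"s" * 80))
```

Each packet is judged on its own length, so a payload split across many small signatures passes the size check, which is the evasion the message itself points out.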



