Re: [Sks-devel] Proposal: Start verifying self-signatures

[Arnold]

On 18-05-15 01:37, Robert J. Hansen wrote:
>> This is a DOS because Mallory could effectively increase Alice's
>> public key to a size that it would be untenable for Bob to
>> download it from the pool.
> 
> There are so many other, better ways to DoS the entire keyserver network
> that I have real trouble taking this one seriously.

It amazes me that each time something comes up that involves control over the
content of our database (cleaning, removing, rejecting at the gate, etc.),
discussions quickly focus on unimportant details leading to the conclusion: 
"let's
do nothing: accept everything and keep everything". I tried, but really could 
not
think of an example of the opposite in the past six years.

I guess the real problem for further key-server development is there is no 
common
vision or goal for the SKS-network. I really doubt it is possible we ever agree 
on
one (or even multiple) either ;-)

At the same time I strongly believe "accepting and keeping everything" is not
future proof: the SKS-network _will_ collapse sooner or later. Reading the 
archive
of this list provides many options... The main question is: do we (want to) let
that happen?

Regards,
  Arnold