sks-devel

Re: [Sks-devel] nokeyserver annotation


From: Vincent Breitmoser
Subject: Re: [Sks-devel] nokeyserver annotation
Date: Tue, 20 Dec 2016 19:18:29 +0100
User-agent: NeoMutt/20161104 (1.7.1)

> - to do this keyservers will have to actually do cryptography

Are you sure? I don't think there's any attack scenario here: If any
such signature exists, you can't upload the key. It's impossible to
attach those to another person's key, and that's the only attack
scenario I can see.

> - how does one propagate a "nokeyserver" annotation on a key in the
> SKS network when this network does not carry said key

One doesn't, that's the point. All keyservers reject them, both on
upload and gossiping (to avoid pollution from a rogue server).

> - It would help if you started by stating what real world problem you
> are trying to solve. You realize that it will *not* solve the problem
> where server operators are asked to remove a key from their server?

What this avoids is upload of another person's key that wasn't meant to
be published by accident. It's impossible to have a key right now that
doesn't run a chance of publishing your user ids on keyservers. Handling
this socially "don't upload another person's key, it's super impolite!"
is not only ineffective, it's harmful to the ecosystem.

 - V


