|
| From: | Sacha J. Bernstein |
| Subject: | [Sks-devel] Blacklisting Keys |
| Date: | Wed, 25 Feb 2004 15:35:59 -0500 |
I don't know much about the gossip protocol and all that, so how hard would something like this be:
As an admin, I can blacklist keys. My server will delete those keys, and never ever fetch them from other servers. It will never accept them in email syncs either. I sign my blacklist with my key, and make it available to other admins.
I trust 6 other admins on the sks network. I fetch their signed blacklists daily. If 2 or more admins that I trust, other than myself, have blacklisted any key, then my server will ignore it as if I had blacklisted it myself.
The idea is that I don't want one or two rogue admins disabling a bunch of keys for me, so I can choose who I trust, and still require multiple people to agree before I throw away keys automatically (without listing them myself).
Blacklists could just be distributed by HTTP (or SMTP, or just about anything else.) They don't even need to be made by server admins, but that's convenient at the moment.
Comments? This can't be a new idea. Does anyone know why this hasn't been implemented before? Is this a bad idea?
Sacha
| [Prev in Thread] | Current Thread | [Next in Thread] |