Re: [Sks-devel] 0x80D0489D - bad MPI in pubkey packet

[Jason Harris]

On Wed, Nov 03, 2004 at 05:34:33PM -0500, Yaron Minsky wrote:
> On Wed, 3 Nov 2004 15:18:45 -0500, Jason Harris <address@hidden> wrote:

> > Although I haven't (yet) applied patch-33, your desire to keep unusable
> > keys/packets in SKS really bugs me.  Listing a raw keydump that includes
> > 0x476B1681 causes mutt's pgpring to stop processing after:
 
> I don't mean to offend, but there is actually a good reason for my
> reluctance.  SKS uses a synchronization protocol that requires that
> each host in the system has a uniform view of what does and does not
> belong in the repository.  Introducing changes at one host would cause
> persistent differences between SKS hosts, that would waste time and
> bandwidth as the system tried to resolve an irreconcilable difference.

AFAICT, these "fixes" should be implemented as actual filters that,
yes, all hosts would be required to adopt.  Each admin would force
an "sks cleandb" to remove the problem keys/packets once (each time
the filters change).

If an admin doesn't want to upgrade, they will most likely be dropped
as gossip peers by those who have upgraded.  While this may lead to
more fragmentation of the "SKS network," ideally it will be a positive
force to make the network more homogenous instead.

We're already seeing fragmentation caused by SKS servers running versions
from 1.0.6 to 1.0.9, where your current "presentation" filters (in 1.0.8
and later) mean that certain keys behave differently depending on which
SKS server returns them.

-- 
Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
address@hidden _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004

pgpZvXzs1UdxK.pgp
Description: PGP signature