[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] new keyserver online

From: C.J. Adams-Collier KF7BMP
Subject: Re: [Sks-devel] new keyserver online
Date: Sun, 22 Aug 2010 14:44:03 -0700

On Sun, 2010-08-22 at 16:18 -0500, John Clizbe wrote:
C.J. Adams-Collier KF7BMP wrote:
>> Associated with what? With my key? With the keyserver?
> The email address you used when requesting peers.  The email address
> which I will associate with the keyserver you claim to operate when you
> confirm for me that you have physical access to the private key
> corresponding to public key 0x5BB9A53D.

The email and key which you seem to place such great emphasis on, were only
suggested to be added a few months ago solely as a convenience factor for
contacting a keyserver operator. _Nothing_more_.

You seem to be placing an enormous amount of unwarranted import on them.

It seems to be a reasonable practice to request a signature using a key associated with the contact information.  Most folks requesting peers do this with their request.  I understand now that others do not have this policy.  In the future, I will not notify the list when I receive a refusal to comply with it.

> address@hidden:~$ grep 5BB9A53D /etc/sks/membership 
> 11370#ChrisMitterer<address@hidden>0x5BB9A53D
>> Please tell me once you've got that, so that I can delete it.
> Sorry I failed to confirm receipt previously.  Please consider my
> initial response an indication of receipt and review of the document.
> Please sign a message using the private key associated with 0x5BB9A53D. 
> I will then remove the comment character from
>'s /etc/sks/membership file and re-start the
> server.  Something like the following would be more than adequate ;)

There is no need to restart the server after editing the membership file.

Oh?  Thanks.  I will keep that in mind.

> $ echo "
> I <your name> do hereby swear under penalty of perjury that I own and have
> exclusive access to the private key corresponding with the public key ending
> in <your pgp id> " | \
> gpg --digest-algo sha256 --clearsign

*eyeroll* OYE!!! "Penalty of Perjury"?

Had you requested such a statement from me at the beginning, I would have most
likely written you off and never bothered helping you iron out your IP config

Aw, man.  I didn't *really* request that he sign it that way.  I was kidding and trying to lighten the mood, hence the ";)".

You would have been right to write me off had I demanded such a thing.  A message signed with a key, preferably published in the repository is sufficient.

Again, I'm sorry to have put everyone out with my unreasonable peering policy.

I will publish my peering policy and reply privately with a link to it in the future to avoid causing list flame.
I will not notify the list when I come across what I consider to be questionable practices.
I will reduce my reliance on the information provided by potential peers and the keys which they publish.

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]