[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] dealing with misplaced signatures
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
Re: [Sks-devel] dealing with misplaced signatures |
|
Date: |
Wed, 01 Aug 2012 13:29:21 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:10.0.5) Gecko/20120624 Icedove/10.0.5 |
On 08/01/2012 01:12 PM, David Shaw wrote:
> My point is that if you expect GPG to be able to fix a broken key, you need
> to pass back all the data, or GPG has nothing to work from.
well, you could expect the GPG of the original uploader to fix the
broken key before uploading it. Then the keyservers wouldn't have to
store and return obviously-incorrect data.
> If you are stating that in every case of this corruption that the bad packets
> always exist in at least two places, and at least one of these is in the
> correct place,
every case i've seen, yes. i don't know if that's a true universal,
though, or if it will be one going into the future. But i think it's
not relevant, if we consider it the job of the uploader to present a
well-formed public certificate package to the keyservers.
> then why are we having this discussion? Drop the packets and be done with it.
my sentiments exactly. :)
--dkg
signature.asc
Description: OpenPGP digital signature