[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] dealing with misplaced signatures
From: |
David Shaw |
Subject: |
Re: [Sks-devel] dealing with misplaced signatures |
Date: |
Wed, 1 Aug 2012 13:42:46 -0400 |
On Aug 1, 2012, at 1:29 PM, Daniel Kahn Gillmor wrote:
> On 08/01/2012 01:12 PM, David Shaw wrote:
>> My point is that if you expect GPG to be able to fix a broken key, you need
>> to pass back all the data, or GPG has nothing to work from.
>
> well, you could expect the GPG of the original uploader to fix the
> broken key before uploading it. Then the keyservers wouldn't have to
> store and return obviously-incorrect data.
It's an interesting question, as we don't really know how this corruption
happened in the first place. We can't presume that the original uploader
necessarily uploaded a corrupt key. Especially if the original uploader is the
person who generated the key, it's rather hard to imagine the key was corrupt
before it was uploaded.
David