[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Proposal: Start verifying self-signatures
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
Re: [Sks-devel] Proposal: Start verifying self-signatures |
|
Date: |
Thu, 21 May 2015 13:17:35 -0400 |
|
User-agent: |
Notmuch/0.20~rc1 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu) |
Thanks for the followup, Yaron--
On Tue 2015-05-19 18:18:44 -0400, Yaron Minsky wrote:
> Let's think about a simpler question: deletion.
I actually think after-the-fact deletion is a much harder question than
setting up filters based on some technical/discoverable aspect of
OpenPGP packets. (though i suppose a new filter stated as something
like "everything except keys X, Y, and Z" could technically act as
deletion)
I think it would be a shame to twist ourselves in knots trying to come
up with a generic deletion policy (which seems like it would involve
quite a bit of political wrangling, centralized trust delegation, etc)
when adding a new filter (e.g. rejection of non-exportable keys [0]) is
much less fraught but no less important.
If we can solve the "how do we roll out a new filter?" question, that
puts us on the path to having effective machinery that we could then use
as a mechanism for deletion (if we decide as a community that's a good
idea). but i'd rather not have to hash out the tougher question fully
(e.g. deletion policy) in order to roll out a new filter that doesn't
need those answers.
--dkg
[0] https://bitbucket.org/skskeyserver/sks-keyserver/pull-request/20
- Re: [Sks-devel] Proposal: Start verifying self-signatures, (continued)
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/18
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/18
- Re: [Sks-devel] Proposal: Start verifying self-signatures, address@hidden, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Gabor Kiss, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, address@hidden, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Arnold, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Kahn Gillmor, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Yaron Minsky, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures,
Daniel Kahn Gillmor <=
- Re: [Sks-devel] Key subsets (was: Proposal: Start verifying self-signatures), Arnold, 2015/05/21
- Re: [Sks-devel] Key subsets (was: Proposal: Start verifying self-signatures), Yaron Minsky, 2015/05/21
- Re: [Sks-devel] Key subsets, Arnold, 2015/05/21
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Brian Minton, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Johan van Selst, 2015/05/20
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Johan van Selst, 2015/05/19
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Mike Forbes, 2015/05/18