[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] nokeyserver annotation
|
From: |
Christoph Egger |
|
Subject: |
Re: [Sks-devel] nokeyserver annotation |
|
Date: |
Tue, 20 Dec 2016 19:14:52 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/kfreebsd) |
Hi!
Kim Minh Kaplan <address@hidden> writes:
> Daniel Kahn Gillmor wrote:
>> I'd like the keyservers to reject keys with any self-sigs with the
>> "nokeyserver" notation. The novel thing is that this notation doesn't
>> exist yet :)
> - how does one propagates a "nokeyserver" annotation on a key in the
> SKS network when this network does not carry said key
Assuming the intention is tagging my key (which hasn't been published so
far) so it doesn't end up on the keyserver. In that case *all* self-sigs
would need to carry the notation as otherwise an intruder could just
remove the newest nokeyserver selfsig and still have a valid key (iff
all self-sigs have that flag, no upload can be crafted that has
verifying self-signatures and not carry the flag).
Christoph
Re: [Sks-devel] nokeyserver annotation, Kiss Gabor (Bitman), 2016/12/20
Re: [Sks-devel] nokeyserver annotation, Daniel Kahn Gillmor, 2016/12/20