|Subject:||Re: [Sks-devel] Re: Delete key from keyserver|
|Date:||Tue, 7 Sep 2010 21:50:28 -0400|
Now would be a _PERFECT_ time for some research to be actively deployed. ;-)
On Jul 8, 2010, at 11:34 AM, Ari Trachtenberg wrote:
> The backend data structure supporting SKS does not yet support true deletion.
> We are researching this (but it will take some time :-)
Since their are only 50-100 (just a rough estimate) SKS servers, a key could
most definitely be dropped with a modest amount of coordination.
Consider what happens if the reconciliation protocol version is incremented and 2 machines
deploy with the version++ protocol on a store that DROPS the offending key
and actively filters that key going forward.
So there would be 2 SKS nets, and a need to coordinate a switchover from
one store to the other.
Please note that I am NOT suggesting that the SKS protocol be incremented
(though that would most definitely "work").
What I am suggesting is that -- with a modest amount of coordination --
there are solutions that could be devised in order to solve a "real world"
This isn't the first person who decided to lititigate, and won't be the last.
JMHO, YMMV, I'm game for version++ (though I think there are most definitely easier
ways to drop a pubkey than rev'ing the SKS reconciliation protocol version) if anyone else
73 de Jeff
> On Jul 8, 2010, at 6:37 AM, Sebastien wrote:
>> Since I have no web interface running, I did this:
>> #-- exporting the public key I want to drop in SKS database
>> gpg --export --armor --output mykey.asc -- myname
>> #-- getting the MD5 hash of that key
>> md5sum mykey.asc
>> #-- dropping the key from SKS using MD5 hash previousy retreived
>> sks drop <mykey.asc_md5sum>
>> #-- key no longer exist in key server database
>> gpg --keyserver my_sks_server --seach-keys -- myname
>> This could be fine... but I cannot add a new key anymore. Seems that SKS
>> database is corrupted now. Any idea ?
>> Sks-devel mailing list
> Sks-devel mailing list
Sks-devel mailing list
|[Prev in Thread]||Current Thread||[Next in Thread]|