[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] [openpgp-email] Keyservers and GDPR

From: Yegor Timoshenko
Subject: Re: [Sks-devel] [openpgp-email] Keyservers and GDPR
Date: Wed, 07 Nov 2018 10:16:51 -0000

> Purpose 4, distribution of key signatures, worked as long as
> people didn't used the key listings of the server or tools for
> more or less funny messages. Uploading key signature should be
> possible only by the holder of the key. However, to enforce
> this the keyservers need to employ real crypto and won't be a
> lean service anymore. I think the distribution of keyservers,
> for those who still want to use the WoT, can be replaced by
> sending the signed keys only back to owner. In fact tools like
> caff suggest this use case.

Storing and distributing signatures with issuing keys (instead of
keys that are being signed) should limit abuse potential while
still allowing for WoT.

> Purpose 5 is not relevant for OpenPGP key distribution and
> actually the reason why the keyserver network has more or less
> broken down.

World-writable storage is problematic even if there is no search.
Proof of work and some operator-controllable data removal
mechanism (like opt-in key blacklists) can help limit this attack

Storing immutable data, distributed recon, proof of work, that
sounds like something a blockchain should do to me.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]