Re: [Sks-devel] new keyserver online

[C.J. Adams-Collier KF7BMP]

On Sun, 2010-08-22 at 16:18 -0500, John Clizbe wrote:
> C.J. Adams-Collier KF7BMP wrote:
> >> Associated with what? With my key? With the keyserver?
> > The email address you used when requesting peers.  The email address
> > which I will associate with the keyserver you claim to operate when you
> > confirm for me that you have physical access to the private key
> > corresponding to public key 0x5BB9A53D.
>
> The email and key which you seem to place such great emphasis on, were only
> suggested to be added a few months ago solely as a convenience factor for
> contacting a keyserver operator. _Nothing_more_.
>
> You seem to be placing an enormous amount of unwarranted import on them.

It seems to be a reasonable practice to request a signature using a key associated with the contact information.  Most folks requesting peers do this with their request.  I understand now that others do not have this policy.  In the future, I will not notify the list when I receive a refusal to comply with it.

> > 
> > address@hidden:~$ grep 5BB9A53D /etc/sks/membership 
> > #keyserver.pki.scientia.net 11370#ChrisMitterer<address@hidden>0x5BB9A53D
> > 
> >> Please tell me once you've got that, so that I can delete it.
> > Sorry I failed to confirm receipt previously.  Please consider my
> > initial response an indication of receipt and review of the document.
> > 
> > Please sign a message using the private key associated with 0x5BB9A53D. 
> > I will then remove the comment character from
> > keyserver.colliertech.org's /etc/sks/membership file and re-start the
> > server.  Something like the following would be more than adequate ;)
>
> There is no need to restart the server after editing the membership file.

Oh?  Thanks.  I will keep that in mind.

> > $ echo "
> > I <your name> do hereby swear under penalty of perjury that I own and have
> > exclusive access to the private key corresponding with the public key ending
> > in <your pgp id> " | \
> > gpg --digest-algo sha256 --clearsign
>
> *eyeroll* OYE!!! "Penalty of Perjury"?
>
> Had you requested such a statement from me at the beginning, I would have most
> likely written you off and never bothered helping you iron out your IP config
> problems.

Aw, man.  I didn't *really* request that he sign it that way.  I was kidding and trying to lighten the mood, hence the ";)".

You would have been right to write me off had I demanded such a thing.  A message signed with a key, preferably published in the repository is sufficient.

Again, I'm sorry to have put everyone out with my unreasonable peering policy.

I will publish my peering policy and reply privately with a link to it in the future to avoid causing list flame.
I will not notify the list when I come across what I consider to be questionable practices.
I will reduce my reliance on the information provided by potential peers and the keys which they publish.

signature.asc
Description: This is a digitally signed message part