Re: [Sks-devel] Re: Delete key from keyserver

[Jeff Johnson]

On Sep 8, 2010, at 8:15 AM, Johan van Selst wrote:

> Yaron Minsky wrote:
>> I think it would be a mistake to implement deletion in the way I described
>> without some notion of trusted introducers.  And that should I think be
>> implemented by having a set of keys that the full network trusts to
>> introduce deletions.  As I said, there is real work getting the code to make
>> this happen, and also doing the social work of choosing the trusted sources.
> 
> I don't think it is hard to come up with a couple of names from the
> community of people who can be trusted to do this job. But I'm not sure
> that we should push forward with this.
> 
> With the power also comes responsibility and a (legal) liability. These
> people may be considered accountable (by others) for anything that goes
> on in the SKS network. Users mentioning a brand name in a comment field,
> an offensive picture with the key, or whatever, just complain to the
> 'moderators'. To avoid legal claims, and fight battles they cannot
> afford to fight (even if winning might be guaranteed), these chosen few
> may have to approve a lot of undesired deletion requests, once word gets
> out that they can do this.
> 

There's a confusion between "power" and liability here.

As long as the laws (usually privacy related, the intent is often
well meaning even if poorly worded/interpreted), then a responsibility to
follow the laws exists.

The lack of "power" by not having an implementation to delete keys isn't
much protection imho.

> Being responsible for a large international data network, is quite
> something different than being responsible for a single local server
> within a clear jurisdiction and some small control over who can access it
> (even if it is very rudimentary with a couple of system firewall rules).
> 

And there's (perhaps) a confusion between "responsible" and participating in
a global SKS network here.

hth

73 de Jeff