[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] keyservers.org downtime
|
From: |
Kiss Gabor (Bitman) |
|
Subject: |
Re: [Sks-devel] keyservers.org downtime |
|
Date: |
Sun, 1 Jul 2012 09:26:58 +0200 (CEST) |
|
User-agent: |
Alpine 2.00 (DEB 1167 2008-08-23) |
> > Why don't put a CNAME record of keyservers.org pointing to a working
> > server? Most of your users won't notice the difference. :)
>
> Because that's fundamentally dishonest.
>
> Some people use keyservers.org indirectly through
> pool.sks-keyservers.net. These people genuinely don't care where their
> certificates get served up from: they just care their certificates get
> served.
>
> Some people use keyservers.org directly by specifying it at the command
> line. Not necessarily because they trust me, mind you -- it's just as
> likely that they use keyservers.org directly because they want to know
> who it is that's running their keyserver, and they don't want to accept
> a certificate served up by someone completely anonymous. Many of these
Dear Robert,
I respect your opinion but I don't agree. Sorry.
_All_ key servers of the pool are absolutely untrustable by definition.
I must laugh at users who do not follow the cryptographic protocols
but trust the "phone book" writable by anybody. Even a given key server
is operated by Mother Teresa it is fulfilled with fake keys.
Regards
Gabor