Re: [Sks-devel] Verification of keys on upload and removal options

[Andrew Gallagher]

On 25/03/16 13:16, Christoph Egger wrote:
> Hi!
> 
> Douglas <address@hidden> writes:
>> It doesn't benefit anyone to retain keys uploaded with malicious
>> intent, so I believe it's worth discussing a mechanism for key removal
>> due to abuse of the system.
> 
> Sure. I suggest you start by reading the Minsky paper on how the
> keyservers work and bring forward a feasible protocol proposal.
> 
>   Christoph

Before we even *think* about a protocol, there are policy hurdles to be
overcome, e.g.:

1. What criteria should be met before a key is removed?

2. Who decides that the criteria have been met?

3. How are malicious removals prevented?

4. How is whack-a-mole prevented?

These are all *hard* problems, and none of them have much, or anything,
to do with protocol design.

A

signature.asc
Description: OpenPGP digital signature