[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Verification of keys on upload and removal options
From: |
Malte |
Subject: |
Re: [Sks-devel] Verification of keys on upload and removal options |
Date: |
Tue, 29 Mar 2016 11:23:39 +0200 |
User-agent: |
hostname |
On Friday, March 25, 2016 1:33:16 PM CEST Andrew Gallagher wrote:
> Before we even *think* about a protocol, there are policy hurdles to be
> overcome, e.g.:
>
> 1. What criteria should be met before a key is removed?
Owner of private key or owner of UID/email address requests it.
> 2. Who decides that the criteria have been met?
The keyserver operator the request is sent to.
> 3. How are malicious removals prevented?
If owner of private key and owner of UID/email address disagree, the key stays
off the servers. If they agree there should be no malicious removal.
> 4. How is whack-a-mole prevented?
It is not prevented, but right now you wouldn't even have to play it.
> These are all *hard* problems, and none of them have much, or anything,
> to do with protocol design.
I don't see how they are. I see _all_ the hardness in the protocol design and
implementation.
Sincerely,
Malte
--
1BEA 8159 A070 2E53 0152 A59F 0CC5 76E9 703E 1DDC
Re: [Sks-devel] Verification of keys on upload and removal options, Julien Sansonnens, 2016/03/25