Re: [Sks-devel] Verification of keys on upload and removal options

[Robert J. Hansen]

> But they kind of do already, so I don't see the point here.

They don't.  Let's say a keyserver operator goes rogue and decides to
drop 0xB44427C7 (my cert) from the keyserver network.  Great, ten
minutes later it gets replaced during the next sync.  So the keyserver
operator deletes it again.  Ten minutes later it comes back.  The
keyserver operator sets up a cron job to delete it every ten minutes...
and a week later other keyserver operators ask, "So why is it you're
always missing this one certificate?"

I would be surprised if at least one keyserver operator today didn't do
a second resync a minute after the first, just to make sure no
certificates were getting dropped.

> If there is doubt in the trustworthiness of a keyserver (operator), other 
> keyservers can execute the same verification process, and if discrepancy is 
> found, block deletion/all requests from the rogue keyserver until the issue 
> is 
> resolved.

But that's not what you said.  What you said is, the individual
keyserver operator gets to decide whether the removal criteria has been
met.  Now you're saying, "well, other keyserver operators do, too, so
other people get a say in it as well."

Make up your mind, draft a formal proposal, and try again.  :)