Hi,
to be honest, it somehow makes me happy that we're finally being forced to
find a solution for this. It could have started worse.
I think the only reasonable solution is that every server operator gets a
local blacklist that can be filled with keys / signatures / regex etc. and
that only prevents matched entries from being saved to the database. To
remove a key from all servers, all operators would need to add it to the
blacklist then. This prevents abuse of the mechanism while giving easy,
effective control over the own database to every server operator.
We could then discuss or suggest entries for the blacklist that everyone
should add, but it would be the responsibility and choice of every admin to
follow the suggestions.
Best regards,
Tobias Frei
On Tue, May 24, 2016, 06:34 Kiss Gabor (Bitman) <address@hidden> wrote:
Guys,
Have you remembered I'm continuosly worrying about
trolls pumping 10-20 millions of dummy keys into key servers?
It is started...
http://keys.niif.hu/pks/lookup?op=vindex&search=0x0B7F8B60E3EDFAE3
(Scroll over the whole page.)
So we must hard think how to delete keys/signatures.
Gabor
_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
pgpev4ZhwiQq_.pgp