[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] [openpgp-email] Keyservers and GDPR
From: |
Yegor Timoshenko |
Subject: |
Re: [Sks-devel] [openpgp-email] Keyservers and GDPR |
Date: |
Wed, 07 Nov 2018 10:16:51 -0000 |
> Purpose 4, distribution of key signatures, worked as long as
> people didn't used the key listings of the server or tools for
> more or less funny messages. Uploading key signature should be
> possible only by the holder of the key. However, to enforce
> this the keyservers need to employ real crypto and won't be a
> lean service anymore. I think the distribution of keyservers,
> for those who still want to use the WoT, can be replaced by
> sending the signed keys only back to owner. In fact tools like
> caff suggest this use case.
Storing and distributing signatures with issuing keys (instead of
keys that are being signed) should limit abuse potential while
still allowing for WoT.
> Purpose 5 is not relevant for OpenPGP key distribution and
> actually the reason why the keyserver network has more or less
> broken down.
World-writable storage is problematic even if there is no search.
Proof of work and some operator-controllable data removal
mechanism (like opt-in key blacklists) can help limit this attack
vector.
Storing immutable data, distributed recon, proof of work, that
sounds like something a blockchain should do to me.
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Andy Mueller-Maguhn, 2018/11/06
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Volker Birk, 2018/11/06
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, holger krekel, 2018/11/06
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Werner Koch, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Yegor Timoshenko, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR,
Yegor Timoshenko <=
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Andrew Gallagher, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Wiktor Kwapisiewicz, 2018/11/07
- Re: [Sks-devel] [Autocrypt] [openpgp-email] Keyservers and GDPR, Tobias Mueller, 2018/11/07
- Re: [Sks-devel] [Autocrypt] [openpgp-email] Keyservers and GDPR, Wiktor Kwapisiewicz, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Werner Koch, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Yegor Timoshenko, 2018/11/07
- Re: [Sks-devel] [openpgp-email] Keyservers and GDPR, Andrew Gallagher, 2018/11/07
- Re: [Sks-devel] [Autocrypt] [openpgp-email] Keyservers and GDPR, Tobias Mueller, 2018/11/07
- Re: [Sks-devel] [Autocrypt] [openpgp-email] Keyservers and GDPR, Werner Koch, 2018/11/07
- Re: [Sks-devel] [Autocrypt] [openpgp-email] Keyservers and GDPR, Mike, 2018/11/07