Re: [Sks-devel] A brief recap


From: Tobias Frei
Subject: Re: [Sks-devel] A brief recap
Date: Thu, 7 Feb 2019 07:54:37 +0100

Additional note: Even when restricting append-only mode to the email field, someone could upload keys for address@hidden to permanently store the word "kryptonite" in the database. Also, one could use the first characters of key IDs to store information, linking the keys together as signatures or by alphabetical sorting.

00D... 
01E... 
02A... 
03D... 
04B...
05E... 
06E...
07F...

You couldn't even blacklist them without storing the information in your blacklist. 

Best regards 
Tobias Frei 

On Thu, Feb 7, 2019, 01:58 Robert J. Hansen <address@hidden> wrote:
> I disagree that we have to do a trade off, mostly for technical
> reasons.

Let's call forbidden information 'kryptonite'.  Kryptonite is bad stuff.
We don't want it on moral grounds or legal grounds.  We would rather
shut down keyservers than have kryptonite on our systems.  We then have
three choices:

* Keep it from entering the system (vetted users, approved submitters)
* Find a way to purge it from the system (ending append-only)
* Shut down keyservers

Saying "we can use blacklists to avoid serving up data" leaves you still
in possession of the data.  This has bad consequences for certain kinds
of kryptonite.  And the moment you say, "well, if you're not going to
serve it up then you don't need to store it, either" you've just agreed
to waive the append-only property.

_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
