Matthew Toseland wrote: > I propose: > - We implement a Simple Revocable Key wrapper. This is simply a USK, > with the prefix being SRK instead of USK, and where we check for > SSK@<pubkey>/revoked. If this exists we return a permanent redirect to > it, instead of the data to be returned otherwise.
What FCP support do you plan for this? Maybe something like: ClientRevoke Identifier=yada yada URI=SRK at blahblah EndMessage ... RevokeSuccessful Identifier=yada yada URI=SRK at blahblah EndMessage Also, what if someone replaces 'SRK@' with 'SSK@' in the URI to bypass the revocation? Are you planning to protect against this in the node? If the node doesn't know to follow the redirect when 'SSK@' is used, then the revocation becomes just an advisory from the author to the reader. Is this actually the intent? -- Kind regards David
