On 13/05/2020 07:41, Dmitry Alexandrov via enigmail-users wrote: > Please note, that the only proper keyserver, that is working reliably > now, is hkps://keyserver.ubuntu.com. If you have been using some > other one, reconfigure.
Unfortunately since your correspondents may have their own opinions, any individual decision to anoint a "proper" keyserver will result in self-isolation. That said, we have recently moved from a largely homogeneous keyserver ecosystem with a few notable outliers to a fragmented one where the most common default is so feature-restricted that revocations no longer work. Therefore, when publishing revocations your choice is effectively to use a niche keyserver or none at all. My personal view is that the only way right now to be sure your key updates (including revocations) reach the widest audience possible is to publish separately to all of them; and for similar reasons you should also refresh your keyring separately from all of them (using parcimonie to hide your footprints if that is a concern). In the long term I believe this fragmentation is unsustainable. I have sketched out the bones of a keyserver federation model which can be layered on top of existing keyservers, subject to the condition that sufficient information can be extracted from the application logs. Keyservers would co-operate to the extent that any published key material could be reliably located, even if some keyservers refuse to store it for legal or technical reasons. It differs from the SKS model in that a) only metadata would be synchronised, not the actual data itself, and b) it would not require that everyone standardise on a single codebase. It would also admit a hierarchical model so that local caching keyservers could be created that would not need to be admitted into the top level of authoritative keyservers (somewhat like the structure of DNS). If the community thinks this would be a useful endeavour, I would be happy to discuss elsewhere (this list is probably not be the appropriate venue). -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
