On Fri, Sep 09, 2005 at 07:38:31PM +0930, Alphax wrote: > Johan Wevers wrote: > > David Shaw wrote: > > > > > >>I'd be all in favor of an option where users could elect to filter out > >>keys: that would put the user in control. Forcing your decision on > >>others by stripping signatures is a very disturbing step. > > > > > > Considering the behaviour of the GD, I'd say it's also a practical issue > > about resources: if it keeps signing keys like this, an SKS server might > > well be in need of seriously more hardware than it is now. Someone's got > > to pay for that, amd I don't think all keyserver maintainers want to. > > > > Carrying out a full cleaning of keys stored on keyservers would > seriously damage the WoT. Removing duplicated signatures however would > probably have little impact, assuming you are removing only the newest > ones and keeping any signatures with attributes set (notation data, > policy URLs, revocation/expiry status).
If the keyservers had crypto support, you could do the equivalent of GnuPG "clean" on each key. Without crypto support, though, you could remove a good signature and keep a bad one. I suspect it would be cheaper to store the extra packets than it would be to do all the signature math for every key.... David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
