Thanks David.
I understand that technically there is no software command that I
could send off anywhere that could fix the situation, right?
If you don't have the private key, then yes, right. There is nothing
you can do about it.
I feared so after I read up on all this stuff.
Wow, is it just me or does anybody else consider this a major design
flaw of the whole setup?
For two reasons:
- After decades of IT, how can one still design software that is
absolutely unforgiving to people's stupidity in a critical area.
That's like being able to close a window of unsaved work without
being prompted to save.
- It is so easy to make life miserable for somebody else. What would
prevent me from picking any e-mail address that isn't mine and upload
dozens of keys to the key servers, maybe even give them misleading
comments like "current" etc.. If anybody were then looking for the
public key to [EMAIL PROTECTED], there would be a useless mess
of keys without telling which one is correct to use. And worst of
all: Joe Smith has no way of fixing the situation, even if he is
legitimate owner of the [EMAIL PROTECTED] e-mail address.
It strikes me, that GNU-supporters would bash MS (or for that reason
any vendor of proprietary software) for dishing out once more a
thoughtless, immature and insecure software design.
I understand it must not be simple to revoke or disable keys. But it
shouldn't be impossible either, especially in the light of anybody's
capability to put public keys under my name on the server.
Am I missing something?
It's an inherent scaling problem of the keyserver net. I've
seen estimates that the majority of the keys on the keyserver net are
not used for one reason or another, but can't be deleted. Even with
the garbage keys, the keyserver database isn't too large to be served
though.
Well, my issue is not so much with the keyservers. I guess with
faster and more hardware this scheme could be maintained for decades.
But if the keyservers are not directories to look up public keys,
then what are they? And if they are meant as directories, how good
are they if they are flooded with garbage keys.
The PGP company is running a different sort of keyserver at
http://keyserver.pgp.com. This type of keyserver allows you to remove
keys if you can prove (by answering an email challenge) that you have
access to the email address on the key. This keyserver obviously does
not synchronize with the others, however.
Can gpg use this keyserver? It is listed in the settings of my MacPG.
Is using this server recommendable for everybody?
Thanks for your answers, David.
I'll do some more reading how to deal with this. This page has a
suggestion to work as good as possible with the situation:
<http://www.rossde.com/PGP/pgp_keyserv.html#noremove>
I'll have to think through it when I'm less tired. All this key stuff
is still very foreign to me.
Björn
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
