Re: Remove public key from keyserver (was: Hide UID From Public Key Server By Poison Your Key?)
On 15 Jan 2018 at 18:53, Andrew Gallagher wrote: > > > On 15 Jan 2018, at 16:39, Stefan Claas > > wrote: > > > > Maybe we need (a court) case were a PGP user requests the removal of > > his / her keys until the operators and code maintainers wake up? > > You also need to prove that removal is technically possible. Otherwise > all that such a court case will achieve is to shut down the > keyservers. OK, THIS should be basically possible to implement, in the same way like a new or updated key propagates itself. Not now but would be a good idea. And with no warranty however that this key is not anywhere else backbackbackupped and eventually loaded up again Exists any flag for pubkeys "please do never ever store this key on a keyserver", if not, would be a good idea, too. There are many reasons NOT to want a key on the keyservers. Regards Matthias -- OpenPGP: http://www.mansfeld-elektronik.de/gnupgkey/mansfeld.asc Fingerprint: 6563 057D E6B8 9105 1CE4 18D0 4056 1F54 8B59 40EF ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Remove public key from keyserver (was: Hide UID From Public Key Server By Poison Your Key?)
> On 15 Jan 2018, at 16:39, Stefan Claas wrote: > > Maybe we need (a court) case were a PGP user requests the removal > of his / her keys until the operators and code maintainers wake up? You also need to prove that removal is technically possible. Otherwise all that such a court case will achieve is to shut down the keyservers. A ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Remove public key from keyserver (was: Hide UID From Public Key Server By Poison Your Key?)
On Mon, 15 Jan 2018 17:14:40 +0100, Jason Lawrence wrote: > > That said I guess ideas like this have already > > likely been discussed before? > > Good luck with that, the similar discussing has > been hold years and nothing ever changed. Last > time I checked, a discussing in 2005 was labeled > as "Remove public key from keyserver No.74" > > > Sent: Monday, January 15, 2018 at 4:14 PM > From: "Leo Gaspard" > To: gnupg-users@gnupg.org > Subject: Remove public key from keyserver (was: Re: Hide UID From > Public Key Server By Poison Your Key?) On 01/15/2018 08:13 AM, Robert > J. Hansen wrote:>> Since you can never remove > >> anything from the public key server, You are > >> wondering if you can add something to it -- for > >> example, add another 100 of UIDs with other > >> people's real name and emails so people can not > >> find out which one is yours, and append another > >> 100 of digital signature so people get tired > >> before figure out which one is from valid user. > > > > I rarely use language like this, but this time I think it's > > warranted: > > > > This is a total dick move. Don't do this. You'll make yourself a lot > > of enemies, and if you pick the wrong real names and emails, some of > > those people are pretty damn good at figuring out what's going on. > > > > Don't put real names and emails belonging to other people on your > > cert. It's *rude*. If someone goes looking for "Robert J. Hansen > > " I want them to see one cert is newest and I > > want them to use that one. If you go about putting my name and > > email address on your cert, I'm going to get cross. > > > > Again: this is a total dick move. Don't do this. > > That said, it raises the interesting question of revocation of data on > keyservers (and the associated legal issues in operating keyservers, > as the operator is supposed to comply with requests to remove > personally-identifiable information from it). > > I was just thinking, would it be possible to have a tag (a UID with > special meaning, like “please-remove...@srs-keyservers.net”?) for > which the signature would be verified by the keyserver, and that > would cause it to drop everything from its storage apart from this > tag? This way the “please remove me” tag would just naturally > propagate across keyservers, and all up-to-date-enough keyservers > will drop all the data associated with the key except the tag and the > master public key (basically, the strict minimum to check the said > tag). > > That said I guess ideas like this have already > lhttps://en.wikipedia.org/wiki/Right_to_be_forgottenikely been > discussed before? Maybe we need (a court) case were a PGP user requests the removal of his / her keys until the operators and code maintainers wake up? Or PGP users simply forget those old fashioned geek key servers and use modern solutions like keybase.io for example. https://en.wikipedia.org/wiki/Right_to_be_forgotten Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Remove public key from keyserver (was: Hide UID From Public Key Server By Poison Your Key?)
> That said I guess ideas like this have already > likely been discussed before? Good luck with that, the similar discussing has been hold years and nothing ever changed. Last time I checked, a discussing in 2005 was labeled as "Remove public key from keyserver No.74" Sent: Monday, January 15, 2018 at 4:14 PM From: "Leo Gaspard" To: gnupg-users@gnupg.org Subject: Remove public key from keyserver (was: Re: Hide UID From Public Key Server By Poison Your Key?) On 01/15/2018 08:13 AM, Robert J. Hansen wrote:>> Since you can never remove >> anything from the public key server, You are >> wondering if you can add something to it -- for >> example, add another 100 of UIDs with other >> people's real name and emails so people can not >> find out which one is yours, and append another >> 100 of digital signature so people get tired >> before figure out which one is from valid user. > > I rarely use language like this, but this time I think it's warranted: > > This is a total dick move. Don't do this. You'll make yourself a lot > of enemies, and if you pick the wrong real names and emails, some of > those people are pretty damn good at figuring out what's going on. > > Don't put real names and emails belonging to other people on your cert. > It's *rude*. If someone goes looking for "Robert J. Hansen > " I want them to see one cert is newest and I want > them to use that one. If you go about putting my name and email address > on your cert, I'm going to get cross. > > Again: this is a total dick move. Don't do this. That said, it raises the interesting question of revocation of data on keyservers (and the associated legal issues in operating keyservers, as the operator is supposed to comply with requests to remove personally-identifiable information from it). I was just thinking, would it be possible to have a tag (a UID with special meaning, like “please-remove...@srs-keyservers.net”?) for which the signature would be verified by the keyserver, and that would cause it to drop everything from its storage apart from this tag? This way the “please remove me” tag would just naturally propagate across keyservers, and all up-to-date-enough keyservers will drop all the data associated with the key except the tag and the master public key (basically, the strict minimum to check the said tag). That said I guess ideas like this have already likely been discussed before? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
