Folks,
Several times in the past years the problem of deleting keys
on user request is discussed.
E.g. see this thread and remember why should Peter Pramberger
get out of business:
http://lists.nongnu.org/archive/html/sks-devel/2010-09/threads.html#00020
The fundamental problem was that some
On 10/29/2013 11:40 AM, Kiss Gabor (Bitman) wrote:
Several times in the past years the problem of deleting keys
on user request is discussed.
...
The fundamental problem was that some users want their keys to delete
from _all_ key servers.
What users _want_ is not very relevant (well, sort
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/29/2013 05:01 AM, Arnold wrote:
I also once played with the thought to only store the hash and key
fingerprint in the database to satisfy database equality. But, once
you update the hash from server A, then server B (not peering with
A and
If I remember right, there was a situation that Alice created a key with the
name of Bob. Bob complained to the key server operator, but he is not able to
modify the key Alice created. So, the key server operator should be the one
who disables retrieval of the key.
Uhmm... :-(
Judge must
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 02:07 PM, Kiss Gabor (Bitman) wrote:
If I remember right, there was a situation that Alice created a
key with the name of Bob. Bob complained to the key server
operator, but he is not able to modify the key Alice created. So,
the
Okay, I see, this is fairly complex… But thanks for pointing to the hockeypuck
Project! Is this project under heavy development or is it already running in
production?
Thanks
Tom
On 28 Oct 2013, at 22:35, Phil Pennock sks-devel-p...@spodhuis.org wrote:
On 2013-10-28 at 15:59 +0100, Thomas
On 10/28/2013 08:22 PM, Jeremy T. Bouse wrote:
I use StartCom for my SSL CA provider and they allow SANs to be added
for SNI.
I don't think that startcom is an appropriate CA for the current
hkps.pool.sks-keyservers.net. In the current setup, anyone who has
configured keyserver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 04:00 PM, Thomas Spycher wrote:
Hi,
can someone explain how the hash of a key gets generated? Like
this one here:
http://pgp.mit.edu:11371/pks/lookup?search=0x3E08F9F5&op=index&hash=on
(E28699538B7DC44107355DA4924987AC)
See
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 10:36 PM, dirk astrath wrote:
Hello,
Hi
The issue is the storage of personal data in worldwide databases
without the possibility to get them deleted. German law enables
everybody to get their data removed from databases. No
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello again ;-)
I understand the issue, that keys shouldn't be deleted from the
database. They should be revoked only and kept in the database.
Therefore I propose the following:
No matter, if a key is revoked or not, it should not be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Kristian,
Not gonna comment too much on this, but a general note is a
question on what constitute personal data, in my experience name
and email isn't included, but IANAL.
As I wrote in my email:
The combination of email and name are
On 10/29/2013 03:51 PM, Kristian Fiskerstrand wrote:
On 10/29/2013 03:47 PM, Arnold wrote:
On 10/29/2013 02:30 PM, Kristian Fiskerstrand wrote:
The discussion gets even more interesting when dealing with
revoked keys. If an attacker (with compromised secret key
material) is given the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 10:59 PM, dirk astrath wrote:
Hello again ;-)
I understand the issue, that keys shouldn't be deleted from the
database. They should be revoked only and kept in the database.
...
I suggest to sign the to-be-deleted-key with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 11:04 PM, dirk astrath wrote:
Hello Kristian,
...
If there is no private key needed and no verification done
everybody can generate keys with every combination of name and
email-address, generated at random dates and upload
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Kristian,
This is why you have key validation requirements and
signatures/certification. The existence of a key doesn't bind
that key to a specific individual, no matter what the UID
says.
Wrong ... the unique email-address is the problem
On 10/29/2013 11:25 PM, Kristian Fiskerstrand wrote:
On 10/29/2013 11:05 PM, Arnold wrote:
I deliberately separate the two. First thing is the possibility to
hide / remove / whatever a key from a network of individual and
independent key servers (operating under different local laws). If
that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/29/2013 11:48 PM, Arnold wrote:
On 10/29/2013 11:25 PM, Kristian Fiskerstrand wrote:
On 10/29/2013 11:05 PM, Arnold wrote:
...
The scalability I was talking about was about the existence of
multiple servers in multiple countries (to have
On Tue, 29 Oct 2013, dirk astrath wrote:
I suggest to sign the to-be-deleted-key with a special signature,
which causes the personal data of this key not to be displayed.
http://lists.nongnu.org/archive/html/sks-devel/2012-05/msg00153.html
:-)