On Sun, 2010-08-22 at 16:18 -0500, John Clizbe wrote:

> C.J. Adams-Collier KF7BMP wrote:
> >> Associated with what? With my key? With the keyserver?
> > The email address you used when requesting peers.  The email address
> > which I will associate with the keyserver you claim to operate when you
> > confirm for me that you have physical access to the private key
> > corresponding to public key 0x5BB9A53D.
> 
> The email and key which you seem to place such great emphasis on, were only
> suggested to be added a few months ago solely as a convenience factor for
> contacting a keyserver operator. _Nothing_more_.
> 
> You seem to be placing an enormous amount of unwarranted import on them.



It seems to be a reasonable practice to request a signature using a key
associated with the contact information.  Most folks requesting peers do
this with their request.  I understand now that others do not have this
policy.  In the future, I will not notify the list when I receive a
refusal to comply with it.


> > 
> > c...@pki:~$ grep 5BB9A53D /etc/sks/membership 
> > #keyserver.pki.scientia.net 
> > 11370#ChrisMitterer<cales...@scientia.net>0x5BB9A53D
> > 
> >> Please tell me once you've got that, so that I can delete it.
> > Sorry I failed to confirm receipt previously.  Please consider my
> > initial response an indication of receipt and review of the document.
> > 
> > Please sign a message using the private key associated with 0x5BB9A53D. 
> > I will then remove the comment character from
> > keyserver.colliertech.org's /etc/sks/membership file and re-start the
> > server.  Something like the following would be more than adequate ;)
> 
> There is no need to restart the server after editing the membership file.



Oh?  Thanks.  I will keep that in mind.


> > $ echo "
> > I <your name> do hereby swear under penalty of perjury that I own and have
> > exclusive access to the private key corresponding with the public key ending
> > in <your pgp id> " | \
> > gpg --digest-algo sha256 --clearsign
> 
> *eyeroll* OYE!!! "Penalty of Perjury"?
> 
> Had you requested such a statement from me at the beginning, I would have most
> likely written you off and never bothered helping you iron out your IP config
> problems.



Aw, man.  I didn't *really* request that he sign it that way.  I was
kidding and trying to lighten the mood, hence the ";)".

You would have been right to write me off had I demanded such a thing.
A message signed with a key, preferably published in the repository is
sufficient.

Again, I'm sorry to have put everyone out with my unreasonable peering
policy.

I will publish my peering policy and reply privately with a link to it
in the future to avoid causing list flame.
I will not notify the list when I come across what I consider to be
questionable practices.
I will reduce my reliance on the information provided by potential peers
and the keys which they publish.


Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/sks-devel

Reply via email to