Peter Pramberger wrote: > bad news today, at least for me: > Several weeks ago I got a complaint from a user getting his old PGP key > removed from my keyserver. He got the usual answer in such cases, but > unfortunately wasn't accepting it. Instead he insisted on his right to get the > key removed, in accordence to the Austrian Data Protection Act (DSG 2000).
This is bad news indeed. I don't live in Austria, but I'm sure many countries, including mine, have similar legislation. And I don't believe there's a general technical answer to this. The PGP keyservers basically use an 'add once and remember forever' principle. Now, if I remember correctly, sks has a 'drop' feature to remove individual keys from a keyserver, but I not sure that this permanently deletes certain keys (it might be added again with later manual or automatic updates). It may be useful to have a permanent local blacklist for individual servers, that lists key-IDs or even email addresses that should not be tracked in the PGP key database. I suppose this would be sufficient to comply with the legislation regarding similar complaints, but I'm no legal expert either. Regards, Johan
pgpiNhXxW29M7.pgp
Description: PGP signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/sks-devel