-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Johan van Selst schrieb am 07.09.2010 21:11: > This is bad news indeed. I don't live in Austria, but I'm sure many > countries, including mine, have similar legislation. And I don't believe > there's a general technical answer to this. The PGP keyservers basically > use an 'add once and remember forever' principle. Now, if I remember > correctly, sks has a 'drop' feature to remove individual keys from a > keyserver, but I not sure that this permanently deletes certain keys > (it might be added again with later manual or automatic updates).
No, it gets back on the next recon run. > It may be useful to have a permanent local blacklist for individual > servers, that lists key-IDs or even email addresses that should not be > tracked in the PGP key database. I suppose this would be sufficient to > comply with the legislation regarding similar complaints, but I'm no > legal expert either. This is exactly what was intentionally NOT designed in - to prevent any form of censorship and data manipulation. How do you ensure that the blocking request comes from an authorized person? And what comes afterwards? Every public key with a lost passphrase, private key would end on this blacklist. After some time you'll need a second database for all suppressed keys... And not to forget: to prevent segmentation of the keyserver network, you'd have to synchronize the filter list across all keyservers. Br, Peter -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyGk/cACgkQcKsx5K5ighxSnACdERJY5P7HuKKDEwAQYHNkMWRd 9aMAn3BZbenPFYcz4BehXazhjy/2q95R =gjTW -----END PGP SIGNATURE----- _______________________________________________ Sks-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/sks-devel
