I'm out travelling, so just throwing out some food for thoughts that I can elaborate on later. Please excuse spelling errors, as I'm typing on my BB.
Personally I'n not in favor of hastily adding a deletion method , as it has several major implications, but I much appreciate the discussion and agree it is good to have it well thought out in case of an 'attack' ( misuse of the intent of the sks network ). The first issue is obviously a situation where a key owned by A is comprimised and subsequently revoked. User B, that got hold of a copy of user As private key now request a deletion of the key. If the server administrator indulge this request, user B now re-upload the non-revoked key or submit this directly to counterparties, that won't get the appropriate revocation certificate. Another issue is on the server level of sks. Addition of a deletion token would, by my thoughts, result in a fragmentation of sks servers intu closer clusters. You would require a much greater degree of trust between the server operators in order to avoid misuse, and so effectively redusing the number of peers for each server, but as well limit the servers the peer would be 'permitted' to recon with in order to be in the cluster. Granted this could be mitigated if only 'trusted introducers' (TI) are able to add deletion tokens ( but as long as the protocol is open, this, itself, would require a lot of thought on implementation. E.g by adding an element to the key to be deleted that is signed by the TI. Kristian Fiskerstrand Sent from my BlackBerry® wireless device -----Original Message----- From: Yaron Minsky <ymin...@gmail.com> Sender: sks-devel-bounces+reg-sks=kfwebs....@nongnu.org Date: Tue, 7 Sep 2010 23:27:00 To: Jeff Johnson<n3...@mac.com> Reply-To: ymin...@gmail.com Cc: <sks-devel@nongnu.org>; Sebastien<sebastien.lumin...@ac-grenoble.fr>; Ari Trachtenberg<trach...@bu.edu> Subject: Re: [Sks-devel] Re: Delete key from keyserver _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/sks-devel
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/sks-devel