> The keyservers never, never, never lose certificates. That's a design > goal and one that the SKS maintainers believe is a good one. I agree > with them, and want to see this design goal maintained in all future > development.
Some of us worries about DOS and installs HTTP proxy quickly. However a malicious attacker (working for XXXXX government that hates PGP) can more easily down the _whole_ SKS pool: it is enough to inject 50 millions of fake keys. I think there should be a mechanism to purge unnecessary keys. However I don't believe in expiry or other automatic ways. My idea: there shoud be five wise and trusted peoples -- i.e. a committee. Each of them would have a special revoking key. If four of five signes a key in the database it should be deleted and never accepted again. Gabor -- E-mail = m-mail * c-mail ^ 2 _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
