On May 27, 2012, at 6:03 AM, Kristian Fiskerstrand wrote:
>
> The reason this differs from e.g. the PGP Corp auto-signature is that
> (i) It adds a lot of bloat
> (ii) removing the expired old signatures, in my mind, doesn't reduce
> the security of the overall system
> (iii) I question the usefulness of the auto-signing itself.
>

As near as I can tell the intent behind the auto-signature, it seems that the PGP Directory Server is attempting "origin authentication" (as in this key was accessed from the directory server at a known point in time) using a digital signature.

The bloat is coming from the 1 week (iirc) period which governs both how often the pubkey is re-signed, and how long the signature is valid.

I'd agree the current "security of the overall system" isn't weakened by filtering expired signatures.

However, the robo-signing is also providing a persistent time record at a 1-week granularity indicating the history of specific public keys.

The historical record could be preserved through archiving: most usage cases of signatures do not use the time stamp as anything other than an informative piece of metadata.

But personally I think the robo-signing is bloated/unnecessary: a single signature SHOULD suffice as an index point into historical/archival records with some notary provided by pgp.com, not from SKS key servers.

hth

73 de Jeff

_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel