-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,
> I don't understand your point here, can you please elaborate? For > clients accessing the pool the results are simply a DNS round > robin and the client connects to a given SKS server. If there is > fragmentation in the network we'd have to split the servers > (probably exclude servers with deleted keys). Some days/weeks(?) ago i posted a share on Google+ according to this issue: Data Protection and PGP/GnuPG ?!?!?! Inspired by the +OHM Observe Hack Make-Talk about "Trolling the PGP/GnuPG-Web of Trust" by +Micah Lee I installed an "own" PGP/GnuPG-keyserver on two of my servers. One of these servers is available using the worldwide server-pool, the other server is an experimental one and not connected to the pool. While experimenting and having severals talks to a german lawyer and +Jochim Selzer (wo takes care about data protection issues) I detected a major issue, which may have a bigger impact to german (and maybe european) keyservers. The issue is the storage of personal data in worldwide databases without the possibility to get them deleted. German law enables everybody to get their data removed from databases. No matter if the data is in databases accessible via internet or in closed databases accessible for employees of a company. You may now note, that everybody should take care about uploading the public key to a public keyserver. But there is absolutely no notice telling the user, that the key is published and can never be deleted, no matter if the key is uploaded by PGP/GnuPGP or via a website of a keyserver. Furthermore anybody can send a public key to the keyserver-pool. There is no need to have the private key for the upload. As soon as I publish my public key on my website or send it via email etc. it's out of my focus. Together with my name, my email-adress and (depending of the data) the company I work at. Now expect the following case: An underaged wants to exchange protected emails with friends. When contacting a Certificate Authority, the permission of the parents is needed for storing the data and signing a "contract". If the permission is not granted, the company can be forced to revoke the contract and delete all data. For the PGP/GnuPG-keyservers nobody asks for the permission when publishing the key data like name or email-adress. Therefore anybody can send and publish the personal data on the keyservers. Let's now come back to the talk at OHM I mentioned some at the beginning of this share (https://www.eff.org/event/ohm2013-trolling-web-trust) : If there is no private key needed and no verification done everybody can generate keys with every combination of name and email-adress, generated at random dates and upload them to the keyservers. And if everybody is able to generate and publish fake keys everybody can build up fake web of trust. You my now argue that it's possible to revoke a key. This is absolutely correct, but a revocation will not be possible if you don't have the private key. And revocation will not remove the key from the keyserver-pool. This means: If a keyserver-maintainer isn't able to delete the key from the server database, a shutdown of the server can be forced. Thanks for reading ... - -----> Read the follow-up mail for a possible solution i have in my mind ... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJwKmUACgkQVuf/iihAxwh/gwCfQ3Gzm4U5su3m9OCnObpWCHgm 2sUAoK1Y7bPPC0wvv6HQPjE6wz+cV4o1 =0Snp -----END PGP SIGNATURE----- _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
