> - to do this keyservers will have to actually do cryptography Are you sure? I don't think there's any attack scenario here: If any such signature exists, you can't upload the key. It's impossible to attach those to another person's key, and that's the only attack scenario I can see.
> - how does one propagates a "nokeyserver" annotation on a key in the > SKS network when this network does not carry said key One doesn't, that's the point. All keyservers reject them, both on upload and gossipping (to avoid pollution from a rogue server). > - It would help if you started by stating what real world problem you > are trying to solve. You realize that it will *not* solve the problem > where server operators are asked to remove a key from their server? What this avoids is upload of another person's key that wasn't meant to be published by accident. It's impossible to have a key right now that doesn't run a chance of publishing your user ids on keyservers. Handling this socially "don't upload another person's key, it's super impolite!" is not only ineffective, it's harmful to the ecosystem. - V _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel