> I'm thinking the problem is much simpler than its being made out to be. > For the data to have got in to the SKS system the user must push it > there. Its not like we are gathering the data in the background like FB
Actually anybody can send in your name and e-mail address (with a fake key of course). > or Google, so its the users responsibility control the data and delete > it if needed. IMHO the current form of key servers won't survive the GDPR. We have to destroy it then to rebuild from scratch. My suggestion a key server should accept keys only with a special ID record: "This is a public information as written on http://gdpr.example.com" or so. That is signed by owner. Whose identity is verified by someone else. So key server is a toy for the strong set only. At least in the first few years. Gabor _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel