PhD project ideas
andrewg at andrewg.com
Sat Jun 9 13:34:24 CEST 2018
> On 9 Jun 2018, at 10:07, Dashamir Hoxha <dashohoxha at gmail.com> wrote:
> The keyserver is just a servant and it should obey the orders
> of the user, even if they damage the user himself.
The keyservers don’t obey anyone’s orders. They a fairly dumb, but efficient, cache. If you want a system that obeys orders then it might be better to use something like WKD or keybase, where keys are attached to individual user accounts.
The keyservers perform three main services: finding keys, updating keys and revoking keys. There are other ways of finding and updating keys these days, even if none of them are as broadly used. For me though, the killer application for the keyservers is efficient distribution of revocations.
In a GDPR apocalypse scenario the simplest fallback position for the keyservers is probably to blacklist any packets containing user IDs. This would mean keyservers would no longer be usable for finding keys by ID, but their other functions would be maintained.
This has all been discussed in excruciating detail over on the sks-devel list in the last few months, including several suggestions for keyserver improvements. This thread is probably best continued there.
More information about the Gnupg-devel