[Autocrypt] [Sks-devel] [openpgp-email] Keyservers and GDPR
Wiktor Kwapisiewicz
wiktor at metacode.biz
Wed Nov 7 18:30:33 CET 2018
Hello,
On 07.11.2018 18:17, Tobias Mueller wrote:
> That said, I think we can store revocations in the CT logs s.t. we can
> at least have integrity protection and non-equivocation for those. Both
> properties which we currently do not have when fetching them from the
> key server.
Mozilla experimented with storing release hashes of Firefox in CT logs:
https://wiki.mozilla.org/Security/Binary_Transparency
They used Merkle tree so the amount of data stored is small (just the
tree head) compared to the OpenPGP revocation.
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor
More information about the Gnupg-devel
mailing list