webkey service: caching/robot policy statements?

Phil Pennock gnupg-devel at spodhuis.org
Tue Jul 9 05:08:57 CEST 2019


In draft-koch-openpgp-webkey-service-08 section 4.5, policy flags, the
use of WELLKNOWN/policy is defined, with an extension mechanism.

Does this seem a reasonable location for a "caching keyserver" to check
for directives on policy controls, too?

Something like (assuming standardized, which is absolutely not
appropriate yet):
  cache-policy: prohibited
  cache-policy: min-refresh-interval=2d

Also, to double-check: the local use extension would be:


?  I'm going to risk descending into bikeshedding here because that
feels so unusual.  Rather than a whole new syntax, the two most obvious
alternatives are:

1. Use an `@` as per RFC4880 notation data, or the SSH protocol, thus:
     cache-policy@pennock.tech: min-refresh-interval=2d

2. Use reversed domain syntax, per Java, thus:
     tech.pennock.cache-policy: min-refresh-interval=2d

And to re-emphasize: I don't want cache-policy added yet, I'm still
sketching out the rough ideas in my head, I'm mostly checking if the
policy file could be for more than submission controls without having
people scream at me, and if I have the extension syntax right.
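
How a caching keyserver might read the directives sketched in this mail, as an added example that is not part of the original message or of any GnuPG code. The `cache-policy` keyword is the mail's hypothetical directive; the line syntax (`keyword: value`, `#` comments), the extra unit suffixes and the fail-closed handling of unknown values are assumptions.

```python
import re
from datetime import timedelta

# Constructed sample policy file. cache-policy is the hypothetical directive
# from the mail above, not a standardized keyword.
SAMPLE_POLICY = """\
# constructed example
mailbox-only
cache-policy@pennock.tech: min-refresh-interval=2d
"""

# Only "d" appears in the mail; the other unit suffixes are assumptions.
_UNITS = {"s": "seconds", "m": "minutes", "h": "hours", "d": "days"}
_INTERVAL = re.compile(r"min-refresh-interval=(\d+)([smhd])")


def local_name(keyword):
    """Strip either namespacing style from the mail; return the bare keyword.

    The namespace itself is discarded here; a real server would likely honor
    only namespaces it recognizes.
    """
    keyword = keyword.lower()
    if "@" in keyword:                      # option 1: name@domain
        return keyword.split("@", 1)[0]
    return keyword.rsplit(".", 1)[-1]       # option 2: reversed.domain.name


def cache_decision(policy_text):
    """Return (may_cache, min_refresh) for a fetched policy file."""
    may_cache, min_refresh = True, None
    for raw in policy_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(":")
        if local_name(keyword.strip()) != "cache-policy":
            continue                        # unrelated flag, ignore
        value = value.strip().lower()
        match = _INTERVAL.fullmatch(value)
        if value == "prohibited":
            may_cache = False
        elif match:
            span = timedelta(**{_UNITS[match.group(2)]: int(match.group(1))})
            # Keep the longest interval if the directive is repeated.
            min_refresh = span if min_refresh is None else max(min_refresh, span)
        else:
            may_cache = False               # unparseable value: fail closed (assumption)
    return may_cache, min_refresh
```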

