recommendation for key servers

Justus Winter justus at sequoia-pgp.org
Wed Jun 30 12:18:23 CEST 2021


Werner Koch via Gnupg-devel <gnupg-devel at gnupg.org> writes:

> On Sun, 27 Jun 2021 13:20, Tobias Wendorff said:
>
>> So maybe sign the contenting process using the private key in future?
>
> Casey Marshall wrote in the Hockeypuck 2.1 announcement [1]:
>
>   - Authenticated key management. This adds a couple of extra endpoints
>     which allow a key owner to replace and delete their key,
>     authenticated by signing the armored key in the request. This allows
>     a key owner to still update their own key once it has been inflated
>     beyond the key length limit.
>
>   Blacklists and auth key management may also be of interest to keyserver
>   operators subject to GDPR-related requests.
>
> However there was not much followup on this.  If there is something in
> GnuPG we can do to support these features, we should do that sooner than
> later.

I fear that the mechanism has not been very well designed.  In short, I
believe it is not complete, not functional, and dangerous:

https://github.com/hockeypuck/hockeypuck/issues/136

Justus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 519 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210630/796f0634/attachment.sig>


More information about the Gnupg-devel mailing list