Unwanted additions to Keys (was: Thawte Web-Of-Trust)
Thu, 6 Jul 2000 16:32:51 +0200
On Thu, 6 Jul 2000, Huels, Ralf KSV wrote:
> Maybe it would hamper the entire concept of public key exchange too
> much, but sometimes I think some protocol to ascertain the key
> owners consent before tampering with the key is possible would
> be desirable.
OpenPGP has a flag meaning that only the owner of a key can modify the
key on the keyserver. He has to send signed updates to the keyserver.
Most keyservers don't care about this flag (at least I have never seen
a reject froma keyserver for that reason).
In any case, this flag solves only one problem. It is still possible
to flood keyservers with new keys or updates for them without a chance
to inhibt this.
Werner Koch OpenPGP key 621CC013
OpenIT GmbH tel +49 211 239577-0
Birkenstr. 12 email wk@OpenIT.de
D-40233 Duesseldorf http://www.OpenIT.de