Unwanted additions to Keys (was: Thawte Web-Of-Trust)

L. Sassaman rabbi@quickie.net
Thu, 6 Jul 2000 13:06:14 -0700 (PDT)

Hash: SHA1

On Thu, 6 Jul 2000, Werner Koch wrote:

> On Thu, 6 Jul 2000, Huels, Ralf KSV wrote:
> > Maybe it would hamper the entire concept of public key exchange too
> > much, but sometimes I think some protocol to ascertain the key
> > owners consent before tampering with the key is possible would
> > be desirable.
> OpenPGP has a flag meaning that only the owner of a key can modify the
> key on the keyserver. He has to send signed updates to the keyserver.
> Most keyservers don't care about this flag (at least I have never seen
> a reject froma keyserver for that reason).
NAI's Keyserver 7.0 recognises this flag (I had this feature added). I encourage the developers of the other keyservers to support it as well.
> In any case, this flag solves only one problem. It is still possible
> to flood keyservers with new keys or updates for them without a chance
> to inhibt this.
That is true... but it does help. __ L. Sassaman System Administrator | Technology Consultant | "Credo quia absurdum." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Tertullian -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE5ZOa+PYrxsgmsCmoRAiGWAJ9hk4MXM7EqwzCZxhF0uzbGRwEUWwCgsdpq 2dTFnC9udD7eLu1WY2V6Dwk= =zlp/ -----END PGP SIGNATURE-----