Unwanted additions to Keys (was: Thawte Web-Of-Trust)
L. Sassaman
rabbi@quickie.net
Thu, 6 Jul 2000 13:06:14 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 6 Jul 2000, Werner Koch wrote:
> On Thu, 6 Jul 2000, Huels, Ralf KSV wrote:
>
> > Maybe it would hamper the entire concept of public key exchange too
> > much, but sometimes I think some protocol to ascertain the key
> > owners consent before tampering with the key is possible would
> > be desirable.
>
> OpenPGP has a flag meaning that only the owner of a key can modify the
> key on the keyserver. He has to send signed updates to the keyserver.
> Most keyservers don't care about this flag (at least I have never seen
> a reject froma keyserver for that reason).
NAI's Keyserver 7.0 recognises this flag (I had this feature added). I
encourage the developers of the other keyservers to support it as well.
> In any case, this flag solves only one problem. It is still possible
> to flood keyservers with new keys or updates for them without a chance
> to inhibt this.
That is true... but it does help.
__
L. Sassaman
System Administrator |
Technology Consultant | "Credo quia absurdum."
icq.. 10735603 |
pgp.. finger://ns.quickie.net/rabbi | --Tertullian
-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.
iD8DBQE5ZOa+PYrxsgmsCmoRAiGWAJ9hk4MXM7EqwzCZxhF0uzbGRwEUWwCgsdpq
2dTFnC9udD7eLu1WY2V6Dwk=
=zlp/
-----END PGP SIGNATURE-----