Revoked keys on keyservers

David Shaw dshaw@jabberwocky.com
Fri Oct 19 00:25:02 2001 

--TybLhxa8M7aNoW+V
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Oct 17, 2001 at 02:33:16PM +0100, Dave Ewart wrote:


> > I also have a couple of keys that are still active, but I don't use

> > them; they were for testing. Unfortunately, I never generated

> > revocation certs for these keys, and I no longer have the secret keys.

> > Is there anyway to remove these keys from the servers? In the future,

> > I'll make off-site backups and revoke certs ASAP... even when playing

> > around.=20

>=20

> Removing stuff from the servers is not usually possibly.  Anyway, if you

> no longer have the secret keys, nor revocation certificates, how can you

> prove that they are _yours_?


A while ago there was some brief discussion on the keyserver manager
list about the idea of aging keys off of the keyservers.  Basically,
any key that didn't get refreshed after a few years would just get
dropped from the server.  The rationale was that it was the
responsibility of the key owner to keep the key out there, and if they
didn't then the server could save the space.

It does have the nice feature that all those keys that can't get
revoked would eventually go away.

As far as I recall, the idea was never implemented.

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--TybLhxa8M7aNoW+V
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQEVAwUBO89WUIccwqs8s7QVAQFOdwf/cqGCN7sfYER7afvze+BTcsjNOubwv2G2
Kl/TSAlEx9ru/r3PxwfmvBu2Awyr2qEwrI71Nw4orqmeNSBfnLWRx7cNdcZAMkBC
ldz1ihNPyaAR07q+PQsOC+rQgJG422C5Qb6JGkQopxfMKXWHcjYTboBEqeHY1Iw5
Z7LHhhovYWyAD5UFWe7KrxE+eIu8/f3crOdPBF3gWDFPdopfulQVsx8S9pchcymN
V+fHBzoKcgMmXOrtfRNYIdrKGBagqfow2q3/4txxxQ9mvewDtFhow5QCBBrXBDR1
bMveL3cFKKkwWaEwMIh57Ip7kAVzTbtg84jq3eK0xAV1QaJYwuWgwg==
=YjvU
-----END PGP SIGNATURE-----

--TybLhxa8M7aNoW+V--