Global Directory signatures
Greg Sabino Mullane
greg at turnstep.com
Mon Jan 3 01:36:02 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I'm curious about the details. What keyserver protocol are you
> planning to use to communicate with the outside world? (http like the
> current biglumber? hkp? ldap?)
Probably all three, in limited capacities.
> A simple solution to all of this is to allow some modifications to
> take place on keys without key owner approval: signature revocations
> (only if the original signature exists on the key), key revocations
> (anytime), and designated revocations (only from a designated
> revoker). Note that 'sensitive' designated revocations come with
> their own designated revoker status.
Yes, that's the route I am going to take: revocations will trump
everything else. However, the revoked sig will be more difficult to
implement as we'll have to somehow store the revoked sig separate
and then add it in if someone does a "remove-and-replace" update
to their key without it.
- --
Greg Sabino Mullane greg at turnstep.com
PGP Key: 0x14964AC8 200501021936
http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8
-----BEGIN PGP SIGNATURE-----
iD8DBQFB2JPTvJuQZxSWSsgRAkJwAJ9nmRYJ8Z4HyQFaKpQuQJZuQLLo6wCfT4P1
Kct2KrEhI1jSuunhT0EuYJY=
=azQB
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list