PGP global directory cruft in keyservers
kfitzner at excelcia.org
Thu Sep 8 04:21:24 CEST 2005
David Shaw wrote:
> Would be difficult to do in SKS. You need to be able to verify
> signatures (so cleaning doesn't remove the wrong signature), and right
> now SKS doesn't verify signatures.
The problem isn't widespread in that other keyservers are doing this
sort of thing. A simple explicit deletion of all PGP directory keys
would suffice. Plus, it would send a message to PGP about their
behavior in bloating the key infrastructure when there are lots of more
technically elegant solutions to what they were doing.
More information about the Gnupg-users