[Sks-devel] stripping GD sigs (was: Re: clean sigs)

Jason Harris jharris at widomaker.com
Fri Sep 9 06:22:00 CEST 2005

On Thu, Sep 08, 2005 at 11:23:08PM -0400, David Shaw wrote:
> On Thu, Sep 08, 2005 at 11:10:23PM -0400, Jason Harris wrote:

> > Not at all.  Anyone who wants sigs from the GD should use that
> > keyserver.  They're still available from it, and, remember,
> > expired sigs don't affect the WoT, so what's the point of the
> > well-synchronized keyservers keeping GD sigs?
> You're not dropping expired signatures.  You're dropping all
> signatures from a particular key - expired or not.  Those signatures
> are part of the web of trust.  The web of trust now has a different
> view from your keyserver than from the rest of the world.

Indeed, all keyservers (except the GD) should drop GD sigs.

> If I ran a keyserver, would it be appropriate for me to drop all
> signatures from your key D39DA0E3 simply because they're available
> somewhere else?

keyserver.pgp.com doesn't synchronize with other keyservers, by design,
which they maintain to be a GoodThing(TM).  Are you currently insinuating
that the GD sigs should spam the well-synchronized keyservers?

> Personal opinions as to the usefulness of signatures should not be a
> factor in what a keyserver stores.  It's a very dangerous path to go
> down: do you also strip signatures from someone "known" to be a bad
> signer?  What's the criteria for inclusion in your keyserver?  Is it
> stated somewhere so users can read it?

Right now, TTBOMK, only the GD is, indeed, ""known" to be a bad signer."

Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 313 bytes
Desc: not available
Url : /pipermail/attachments/20050909/0b6ab6f5/attachment.pgp

More information about the Gnupg-users mailing list