[Sks-devel] stripping GD sigs (was: Re: clean sigs)

[Alphax]

Johan Wevers wrote:
> David Shaw wrote:
> 
> 
>>I'd be all in favor of an option where users could elect to filter out
>>keys: that would put the user in control.  Forcing your decision on
>>others by stripping signatures is a very disturbing step.
> 
> 
> Considering the behaviour of the GD, I'd say it's also a practical issue
> about resources: if it keeps signing keys like this, an SKS server might
> well be in need of seriously more hardware than it is now. Someone's got
> to pay for that, amd I don't think all keyserver maintainers want to.
> 

Carrying out a full cleaning of keys stored on keyservers would
seriously damage the WoT. Removing duplicated signatures however would
probably have little impact, assuming you are removing only the newest
ones and keeping any signatures with attributes set (notation data,
policy URLs, revocation/expiry status).

I think anything more drastic would require a serious overhaul of PKS
infrastructure; I hope that (one day) we have keyservers that will
prevent spambots from harvesting email address, eg. by requiring a
challenge-response system (don't ask me how it would work). I have
friends who currently don't want to use PGP because they fear that their
keys will be uploaded to a keyserver, and then they will be spammed
forever more.

-- 
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \