[Sks-devel] stripping GD sigs (was: Re: clean sigs)

David Shaw dshaw at jabberwocky.com
Fri Sep 9 23:28:36 CEST 2005

On Sat, Sep 10, 2005 at 12:28:22AM +0930, Alphax wrote:
> David Shaw wrote:
> > On Fri, Sep 09, 2005 at 11:02:56AM +0200, Johan Wevers wrote:
> > 
> >>David Shaw wrote:
> >>
> >>
> >>>I'd be all in favor of an option where users could elect to filter out
> >>>keys: that would put the user in control.  Forcing your decision on
> >>>others by stripping signatures is a very disturbing step.
> >>
> >>Considering the behaviour of the GD, I'd say it's also a practical issue
> >>about resources: if it keeps signing keys like this, an SKS server might
> >>well be in need of seriously more hardware than it is now. Someone's got
> >>to pay for that, amd I don't think all keyserver maintainers want to.
> > 
> > 
> > I have sympathy for that argument, so wouldn't it be good to trace
> > down where the sigs are entering the keyserver net, and ask whoever is
> > doing it to stop?  It seems like the obvious first step.
> > 
> Well, I don't know *where* they are coming from, but I (and the kind
> soul who worked it out and told me) know think we know *how* it's being
> done. And unfortunately, it's very easy (too easy!) to do, especially
> for someone with a high-speed internet connection.

Yep.  Oddly enough, people seem to blame the GD and PGP company rather
than blaming the actual litterer.


More information about the Gnupg-users mailing list