deleting signatures from uids
hawke at hawkesnest.net
Thu Nov 2 21:39:45 CET 2006
> This is not a limitation, it'a a feature :-) and this is also the reason
> why you should not play with PGP on keyservers, the result will be often
> another abandoned key.
Is there any reason that the keyserver needs to continue to redistribute
expired, revoked, or otherwise invalid (e.g. superseded) signatures?
I can't think of any.
I can kind of see why you might want to show the full history of a key,
but does it really need to be distributed out to everyone?
If this is a security risk, surely the keyserver options
"import-clean-sigs" and "import-clean-uids" are also, are they not?
-Alex Mauer "hawke"
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 252 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20061102/5ef1b0ca/signature.pgp
More information about the Gnupg-users