Keyserver doesn't honour removed signatures

Robert J. Hansen rjh at
Wed Apr 15 17:43:20 CEST 2009

> Hypothetically, if a key is signed using another key which contains  
> a jpg image of something illegal in the keyserver's location, what  
> then? It would seem to me that the only option would be to remove  
> the keyserver from the keyserver network.

... that's a truly /ghastly/ little attack against the keyserver  
network, and I'm ashamed that I didn't think of it first.

The keyserver network is principally guided by this design goal: do  
not ever lose key material.  New data may be entered, but old data  
must persist.  Now, if a photo is attached to a key and the photo must  
be removed for legal reasons, one of three things will occur:

(a) the keyserver network gets taken down
(b) the keyserver network gets taken over by people trafficking in  
illegal images
(c) a way to remove UIDs without the owner's permission is added to  
the keyserver network

I don't really like those prospects.  Any of them.

This message was sent using IMP, the Internet Messaging Program.

More information about the Gnupg-users mailing list