Keyserver doesn't honour removed signatures

Werner Koch wk at
Wed Apr 15 19:16:50 CEST 2009

> from whichever keyserver they like (or run their own keyserver and get
> content synced to them on a regular basis).

An easy countermeasure would be to limit the size of the meta data (user
IDs, attribute id, notations and so).  Well, until people start to chop
this data up into several signatures.  Anyway, I don't think that the
keyserver network has the capacity to work as a content delivery
services.  P2P is a far easier system for that.  Of course, the
keyservers could than act as a directory service ...



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-users mailing list