Modified user ids and key servers and a possible security risk?
Hauke Laging
mailinglisten at hauke-laging.de
Thu Aug 26 02:13:50 CEST 2010
Am Donnerstag 26 August 2010 01:45:07 schrieb Chris Knadle:
> There's a problem with this idea, which is that there's no opportunity to
> notify the client that there was a problem if the check is done /later/.
That's not a problem. You cannot require a server to make this decision
immediately. The server can tell you that this decision is postponed and for
how long it well be at most. The client can decide then to make a query at
that time or later to check if the requested update has been made.
This way the information what kind the error was of is lost, though. But if
you like to make it more complicated then the keyserver could log failed
updates and their check result so in case of error (no update visible to the
client after the given check period) the client would upload the same data
again and then the server could respond with the error information without
causing CPU load.
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100826/ec8d5b22/attachment-0001.pgp>
More information about the Gnupg-users
mailing list