Remove public key from keyserver

Stefan Claas stefan.claas at
Mon Jan 15 21:23:08 CET 2018

On Mon, 15 Jan 2018 15:00:34 -0500, Robert J. Hansen wrote:
> > How long do we have now those old fashioned key servers  
> SKS came out in 2003.  It largely replaced PKS, which was widely
> considered old and broken.  SKS was Yaron Minsky's Ph.D thesis,
> wherein he developed some really cutting-edge math to make key sync
> fast and reliable.
> "Old-fashioned" is not the phrase I'd use to describe something
> considerably newer than GnuPG.
> >, and was
> > there ever been made attempts by the software maintainers to
> > modernize the code  
> It's from 2003.  It doesn't need modernization.

No? I for one would like to be sure that i am the only person who
can upload my public key to a key server directory.

Example: Bob does some nasty things with Alice her key which she
don't like, or better said hate. Since there is no key removal
currently implemented how should she  deal with that?

> Keyservers are designed the way they are for a reason.  If keyservers
> *never ever discard or modify existing data*, then you can easily
> identify any code which theoretically might be able to discard data
> as a bug, a vulnerability, or tampering with it by a malicious
> actor.  It makes code review easier and it makes it difficult for
> repressive regimes to surreptitiously take down certificates
> belonging to dissidents.
> This "we never discard or modify existing data, we only ever add new
> data" rule has some *really really nice* properties for information
> security.  However, it also comes with a downside: we can't discard or
> modify existing data.
> It's a package deal.  When SKS was being built in the early 2000s
> there were vigorous discussions about what properties we wanted in a
> keyserver.  We knew exactly what we were getting into.
> Please, learn why it was built before you go about saying it was built
> badly.
> > The old key server solved those problems also nicely, if i
> > remember correctly.  
> I worked at PGP Security during that time period.  It really didn't.
> If we'd received a court order compelling us to remove a cert from the
> keyserver and not tell anyone, we could have complied.  That gave the
> flaming heebie-jeebies to at least three engineers on the floor,
> including the keyserver admin, a guy named Randy Harmon.
> Whether you embrace a "our keyserver can delete things" or "our
> keyserver is delete-free" model, that decision has immediate
> consequences you will not like.

Well, i personally liked the option that i could delete my key.



More information about the Gnupg-users mailing list