Which keyserver

Neal H. Walfield neal at walfield.org
Sat Sep 19 23:50:45 CEST 2020


Hi Andrew,

On Sat, 19 Sep 2020 21:38:22 +0200,
Andrew Gallagher wrote:
> Hagrid “solves” the vandalism problem by abandoning
> decentralisation.

This is not strictly true.

When we think about updating keys, there are two types of information
that can be updated:

  - Identity Information (User IDs)
  - Operational Information (Revocations, Subkey Rotations, Metadata
    (self-sig) updates, etc.)

Identity information in privacy sensitive, and we think people should
be able to control where their details are published, and have the
ability to retract them, if desired.  This requires some type of
centralization.

Operation Information does not require the same protection, and can
and should be widely published.  It would be possible to create a
network of keyservers that synchronize this type of information in a
similar way to how SKS worked.  But, we know from experience with SKS
that this is not easy (the set of filters needs to be synchronized,
etc., which is a type of centralization).  So far, no one has taken
the time to think through this problem, and implement a solution for
Hagrid.  But, I think that we'd welcome a patch that adds such
functionality.

:) Neal



More information about the Gnupg-users mailing list