Remove public key from keyserver

Robert J. Hansen rjh at sixdemonbag.org
Mon Jan 15 21:00:34 CET 2018


> How long do we have now those old fashioned key servers

SKS came out in 2003.  It largely replaced PKS, which was widely
considered old and broken.  SKS was Yaron Minsky's Ph.D. thesis, wherein
he developed some really cutting-edge math to make key sync fast and
reliable.

"Old-fashioned" is not the phrase I'd use to describe something
considerably newer than GnuPG.

>, and was
> there ever been made attempts by the software maintainers to
> modernize the code

It's from 2003.  It doesn't need modernization.

Keyservers are designed the way they are for a reason.  If keyservers
*never ever discard or modify existing data*, then you can easily
identify any code which theoretically might be able to discard data as a
bug, a vulnerability, or tampering with it by a malicious actor.  It
makes code review easier and it makes it difficult for repressive
regimes to surreptitiously take down certificates belonging to dissidents.

This "we never discard or modify existing data, we only ever add new
data" rule has some *really really nice* properties for information
security.  However, it also comes with a downside: we can't discard or
modify existing data.

It's a package deal.  When SKS was being built in the early 2000s there
were vigorous discussions about what properties we wanted in a
keyserver.  We knew exactly what we were getting into.

Please, learn why it was built before you go about saying it was built
badly.

> The old pgp.com key server solved those problems also nicely, if i
> remember correctly.

I worked at PGP Security during that time period.  It really didn't.  If
we'd received a court order compelling us to remove a cert from the
keyserver and not tell anyone, we could have complied.  That gave the
flaming heebie-jeebies to at least three engineers on the floor,
including the keyserver admin, a guy named Randy Harmon.

Whether you embrace an "our keyserver can delete things" or "our
keyserver is delete-free" model, that decision has immediate
consequences you will not like.
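
The append-only rule described in the message above can be checked mechanically. The following is an added example, not part of the original post and not SKS code: a toy store whose only write operation is a set union, plus an audit that flags any packet present in an earlier snapshot but missing from a later one. The names `AppendOnlyStore`, `merge`, `snapshot` and `audit` are hypothetical, and the byte strings are constructed stand-ins for OpenPGP packets.

```python
import hashlib

def digest(packet: bytes) -> str:
    return hashlib.sha256(packet).hexdigest()

class AppendOnlyStore:
    """Toy keyserver: each key ID maps to a set of packet digests that only grows."""

    def __init__(self):
        self.certs = {}  # key_id -> set of packet digests

    def merge(self, key_id, packets):
        """Union new packets into the certificate; returns how many were new."""
        have = self.certs.setdefault(key_id, set())
        new = {digest(p) for p in packets} - have
        have |= new
        return len(new)

    def snapshot(self):
        return {k: frozenset(v) for k, v in self.certs.items()}

def audit(before, after):
    """List (key_id, missing_digests) for every packet present before but not after."""
    violations = []
    for key_id, old in sorted(before.items()):
        missing = old - after.get(key_id, frozenset())
        if missing:
            violations.append((key_id, sorted(missing)))
    return violations

def demo():
    # Constructed sample data: these byte strings stand in for OpenPGP packets.
    store = AppendOnlyStore()
    store.merge("KEY-A", [b"pubkey-A", b"uid-A", b"selfsig-A"])
    store.merge("KEY-B", [b"pubkey-B", b"uid-B"])
    base = store.snapshot()

    store.merge("KEY-A", [b"sig-by-B-on-A", b"uid-A"])  # normal update: one new packet
    clean = audit(base, store.snapshot())

    del store.certs["KEY-B"]                            # silent takedown of a certificate
    store.certs["KEY-A"].discard(digest(b"uid-A"))      # an "edit" is a drop plus an add
    store.certs["KEY-A"].add(digest(b"uid-A-altered"))
    tampered = audit(base, store.snapshot())
    return clean, tampered

if __name__ == "__main__":
    clean, tampered = demo()
    print("after normal update:", clean)
    print("after tampering:", [(k, len(m)) for k, m in tampered])
```

Because legitimate operation can only add digests, the audit needs no policy about which removals are acceptable: any missing digest is a finding, whether the cause is a bug or deliberate removal.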
