ietf-openpgp

Re: [openpgp] Modelling an abuse-resistant OpenPGP keyserver

2019-04-12 15:13:30
Thanks a lot, great work!

I fixed some minor spelling, grammar and formatting - please excuse the amount of pull requests.

One question:

Clients of an updates-only keystore cannot possibly use the keystore for certificate discovery, because there are no user IDs to match.

I wonder about the definition of "certificate discovery" here. Even without UIDs, these keystores could be used for the *retrieval* of specific certificates whose fingerprint (or key ID) is known. This can be the case for signatures (over mails, software or documents) or keylists like in https://tools.ietf.org/html/draft-mccain-keylist

Maybe we would want to add "certificate retrieval" at least to the next sentence, which begins:

However, they can use it for certificate update

I'm sure we can come up with a good wording - if my observation makes sense in the first place.

Happy to see this evolving.

--
ilf

If you upload your address book to "the cloud", I don't want to be in it.
