ietf-openpgp

Re: rfc2440bis-02 comments

2000-12-15 17:51:40
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 15 Dec 2000, Dave Del Torto wrote:

> The threat, perhaps a theoretical one at this point in time, is
> that if you're trying to mask the very existence of your key on
> one or more keyservers (for example to thwart an improperly coercive
> demand for keying material from rogue officials), you will not be able
> to do so with these flags. You would only be able to do this by
> deleting them via an LDAPS (or similarly secure) keyserver connection.

Sure. That isn't the threat these flags were intended to solve. In fact, I
am not sure this threat you mention isn't an intractable problem; once a
key is deleted from the server, it can always be re-added by a third
party.

(Unless, of course, the no-modify flag is set. Then the owner of the key
would be required to authenticate himself prior to adding the key to the
server.)

> BTW, the trail of evidence that Deletion would involve reminds me of
> another thread I wanted to raise (wearing my CryptoRights hat) with
> the keyserver managers, regarding the need for standardized
> mechanisms permitting secure, UNauthenticated, UNlogged connections
> to keyservers. Deleting a key would still require a passphrase, but
> it would permit one to clear a key if one was under threat.

Hrmm. Guaranteeing that connections are unlogged isn't really possible, I
don't think. Though if this became a really important issue, I suspect you
could set up some sort of key request system using the anonymous remailer
network... but that seems a bit extreme.

Rodney Thayer and I are working on an Internet Draft for key server
behavior. We'll try to cover all these issues in there, and will welcome
any comments on it when we publish.

(Key server issues are really beyond the scope of 2440. The only reason
I've brought this up now is that I would like to see these flags added so
we can utilize them in the key servers.)

Thanks for your comments,


- --Len.

__

L. Sassaman

Security Architect             |  "The world's gone crazy,
Technology Consultant          |   and it makes no sense..."
                               |
http://sion.quickie.net        |                   --Sting


-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE6Or0qPYrxsgmsCmoRAo3bAKDkWxI1TZK+devdAK/dpF0RqLogfQCgupTw
UxT8xssVKNoNxR2ezEPpHZs=
=UbHQ
-----END PGP SIGNATURE-----