i am about to give up...i think we're going off-topic. perhaps we
should continue this off-list. the points i wish to make are:
-expiring keys from keyservers is not necessarily a bad idea -- at least
your example does not convince me that we would be significantly worse
off than the current situation. i like Dave Del Torto's statement:
Storing your key on a public keyserver is a privilege, not a right.
If you can't do the most basic things to maintain it, you're not
doing anyone any good, least of all yourself if you want people to
use it.
-out-of-band channels for verification are necessary for using these
kinds of systems well -- keyservers can help reduce the total amount of
out-of-band verification, but it is not a substitute on its own.
(both web-of-trust and x.509 require at least some out-of-band verification
at some point)