Dave Del Torto, <ddt(_at_)cryptorights(_dot_)org>, writes:
What we're really discussing is the building of standards that users
will control or standards which will help control them.
[...]
Until we build ourselves total control over our keys' public
attributes and visibility, we're not really being empowered by our
crypto (possibly the opposite).
Isn't "total control over... public attributes" something of a
contradiction? By their nature, public attributes are out in public,
out in the world. There is no way the owner can exercise "total control"
over them. Adding features which ostensibly provide this kind of control
could mislead users about what they are accomplishing.
At best we can try to get the key servers to agree on ways of handling
these requests. But in effect we then bring the multitude of key servers
inside the trust boundary and depend on their cooperation in order to
achieve our trust goals. This enlarges the trusted computing base and
ultimately weakens security.
Let's keep in mind that we've been asked at a recent IETF plenary
whether or not the IETF should support wiretapping technologies in
standards. Those kinds of trial balloons are only the first at the
nexus of human rights and security technology.
At the same time we should be cognizant of what is and is not possible.
Giving people the ability to ask key servers to remove their keys will
not achieve the goal of removing those keys from the world's knowledge.
Hal