ietf-openpgp
[Top] [All Lists]

Keyserver thoughts (was Re: How to update a self-signature?)

2001-08-28 06:39:17

On Tue, Aug 28, 2001 at 09:47:24AM +0200, Werner Koch wrote:

On Mon, 27 Aug 2001 16:59:00 -0400, David Shaw said:

sort of sanity checking there.  Either way, I think it's safe to say
that incorrect clocks are out of the scope of 2440!

Keyserver may want to discard signature which are timestamped more
than a few days in the future.  This should greatly help not to spread
erroneous signatures.

Yes, indeed.

I've often thought it would be good if keyservers could trim keys on
the way out - leaving off invalid signatures, expired subkeys, expired
signatures, etc.

It would be optional and allow someone to request the complete key if
they want it.  Computer programs that try to be "smart" often raise
unforseen problems.

David

-- 
David Shaw          |  Technical Lead
<dshaw(_at_)akamai(_dot_)com>  |  Enterprise Content Delivery
617-250-3028        |  Akamai Technologies