-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Re: photo support?
From: "vedaal" <vedaal(_at_)hotmail(_dot_)com>
this can lead to an overburdening of servers with 'bloated' keys, with
whatever someone may decide to want to 'store'.
This is hardly unique to the "photo ID" field. It would be easy to "store"
arbitary content in:
a notation subpacket in a valid signature;
signature MPIs;
user names; or, even
public key MPIs.
It is impossible to prevent this sort of abuse without seriously impairing
legitimate use of the public keyservers.
One man's garbage is another man's key.
it might be worthwhile to consider some maximal size for a recommended
standard, which can be implemented by the servers
refusing to accept a key greater than a certain size.
A size recommendation seems reasonable, as an implementation guideline.
A strict limit in the protocol seems most unreasonable.
This kind of restriction alone won't prevent abuse. It's only the tip
of the iceberg.
Key servers owners can always implement any restrictive policy they
want. I would urge them not to hack at specific small holes unless
there is an actual problem. If a bug in a widely used implementation
were to start generating this sort of junk, then I might act. But
that hasn't been a serious problem yet.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQA/AwUBPSDPo1MkvpTT8vCGEQInywCfcAp6qIz2nxa9mmWBFXoXg73vV0YAn0L0
5Gv1fb05x7f2NwO3u2A+mG/1
=DIp+
-----END PGP SIGNATURE-----