Daniel Kahn Gillmor wrote:
Are there other proposed ways one could implement a keyserver which
respects the intent of keyserver no-modify?
Rather than attempt to introduce this much complexity into the Keyserver
system [an impossibility] if such a scheme must be implemented then
simply introduce into the Key Generation Wizard the --keyserver command
and then have the individual specify where they desire their Key to be
retrieved from. [Big Lumber, Personal Web page, etc.] Of course this
pre-supposes that all other Users have the --honor-keyserver-url
preference specified in gpg.conf or their Options file. [possibly
excluding PGP & other OpenPGP implementations] :-\
The bottom line is that it is too late to re-invent the Keyserver
System/Network for Key distribution. Sufficient tools exist already to
mitigate 'Key pollution' from Keyservers but education of the User Base
in proper implementation is sorely lacking. IMO the dilemma of
--no-ks-modify falls under the heading of "Accept the things I cannot
Change" & "Wisdom to know the difference."
JOHN :-\
Timestamp: Friday 12 Jun 2009, 00:53 --400 (Eastern Daylight Time)
signature.asc
Description: OpenPGP digital signature