Daniel Kahn Gillmor <dkg(_at_)fifthhorseman(_dot_)net> writes:
Should we try to address this? What would it mean to make this flag
meaningful? Say a keyserver decided to try to respect it: how would it
do so?
Since, as you note, the keyserver admin has the ability to tamper with
public keys regardless, I don't see wisdom in trying to securely enforce
the semantics of ks-no-modify. I think a better and simpler approach
would be to check it client-side: prompt the user for confirmation if he
tries to upload [modifications to] a public key for which ks-no-modify
is set and for which the correspond private key is not in his keyring.
--
Daniel Franke df(_at_)dfranke(_dot_)us http://www.dfranke.us
|----| =|\ \\\\
|| * | -|-\--------- Man is free at the instant he wants to be.
-----| =| \ /// --Voltaire