ietf-openpgp

Re: how to respect keyserver no-modify ?

2009-06-12 01:57:20

Daniel Kahn Gillmor <dkg(_at_)fifthhorseman(_dot_)net> writes:
> Should we try to address this?  What would it mean to make this flag
> meaningful?  Say a keyserver decided to try to respect it: how would it
> do so?

Since, as you note, the keyserver admin has the ability to tamper with
public keys regardless, I don't see wisdom in trying to securely enforce
the semantics of ks-no-modify.  I think a better and simpler approach
would be to check it client-side: prompt the user for confirmation if he
tries to upload [modifications to] a public key for which ks-no-modify
is set and for which the corresponding private key is not in his keyring.

-- 
 Daniel Franke         df(_at_)dfranke(_dot_)us         http://www.dfranke.us
 |----| =|\     \\\\    
 || * | -|-\---------   Man is free at the instant he wants to be. 
 -----| =|  \   ///     --Voltaire
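
The client-side check proposed in the message above, sketched as an added example that is not part of the original post and is not taken from GnuPG or any keyserver. It assumes the caller has already extracted the hashed subpacket area of the key's verified self-signature; the function names, sample bytes and fingerprint are constructed for illustration.

```python
# Added example: decide whether to prompt before uploading a key (RFC 4880 rules).
KS_PREFS = 23      # RFC 4880 5.2.3.17: Key Server Preferences subpacket type
NO_MODIFY = 0x80   # "No-modify" bit in the first flag octet


def iter_subpackets(area: bytes):
    """Yield (type, body) for each subpacket in an RFC 4880 5.2.3.1 area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                       # one-octet length
            length, i = first, i + 1
        elif first < 255:                     # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                 # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("malformed subpacket")
        # Length includes the type octet; the type's top bit is the critical flag.
        yield area[i] & 0x7F, area[i + 1:i + length]
        i += length


def no_modify_set(hashed_area: bytes) -> bool:
    """True if the self-signature carries ks-no-modify."""
    for sp_type, body in iter_subpackets(hashed_area):
        if sp_type == KS_PREFS:
            return bool(body) and bool(body[0] & NO_MODIFY)
    return False


def upload_needs_confirmation(hashed_area, key_fpr, secret_fprs) -> bool:
    """Prompt when ks-no-modify is set and we hold no matching private key."""
    owned = {f.upper() for f in secret_fprs}
    return no_modify_set(hashed_area) and key_fpr.upper() not in owned


# Constructed sample areas: creation-time subpacket, then key server preferences.
SAMPLE_NO_MODIFY = bytes.fromhex("05024a31b400" "021780")
SAMPLE_PLAIN = bytes.fromhex("05024a31b400" "021700")
SAMPLE_FPR = "AB" * 20  # constructed placeholder fingerprint

if __name__ == "__main__":
    print(upload_needs_confirmation(SAMPLE_NO_MODIFY, SAMPLE_FPR, []))
```

Only the hashed area is consulted because unhashed subpackets are not covered by the signature and could be altered by anyone relaying the key.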