On Tue 2016-04-12 12:23:26 -0400, Derek Atkins <derek(_at_)ihtfp(_dot_)com>
wrote:
When a human needs to look up a key there is usually some other identifier
involved. Most likely it would be the UserID.
The way I see the process is:
1) I receive business card or some other form that has email + Fingerprint
2) I download key from some server using the email address
3) I verify the key using the fingerprint (to make sure it's the right one).
The fact that the fingerprint *could* be used as an identifier is what led
us to these questions.
right, thanks for pushing on this. I'm curious what the rest of the WG
thinks about this use case. if we can simplify the requirement down to
just (b) that would be nice.
One concern i have with existing keyserver infrastructure is that anyone
can upload a key with any e-mail address. This could result in a lookup
that returns dozens or hundreds of keys.
Being able to constrain a lookup by a stable, unforgeable identifier
mitigates this flooding attack.
I'm not saying that mitigation is necessarily important enough to make
it a guiding requirement for the fingerprint, though.
And perhaps this lookup-flood is an issue that could be fixed some other
way too?
wdyt?
--dkg
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp