On Tue 2016-04-12 12:52:49 -0400, "Salz, Rich" <rsalz(_at_)akamai(_dot_)com>
wrote:
One concern i have with existing keyserver infrastructure is that anyone can
upload a key with any e-mail address. This could result in a lookup that
returns dozens or hundreds of keys.
It would be nice if PGP were so successful :)
I agree with you, but this concern isn't about success, it's about a
malicious flooding attack :/
The keyservers can address this by sending PGP-encrypted "please confirm"
email.
that doesn't work with the model of the keyserver network, where
untrusted peer keyservers gossip data between each other. i'm pretty
sure we don't want a "please confirm" e-mail from each keyserver
operator, and i think most keyserver operators don't want the
responsibility of running such a vetting service.
If the answer is "throw away the keyserver network" then that's one
thing; but if we think there needs to be a public directory lookup, then
we need a clear explanation of how that works. i understand from
Vincent's recent thread that people seem to be actively thinking about
alternatives, which is a Good Thing. but even Vincent's thread doesn't
seem to cover revocation.
--dkg
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp