
Key Eater Needed



Hal Finney suggests expiring old keys. The first thing we would need is a
way to clear the keyservers of such dead keys. The keyservers are already
up to 1.3 MB. Many of those keys must be long dead. In any case, the key
servers cannot just accumulate keys forever.

There is no way to know now when a key was sent to a server, so it is hard
to know when to delete it. One way would be to keep track of when new keys
are sent or updated, and delete any key which has not been updated within a
certain time, such as one year. All existing keys could be given six months
to live. Those who wanted to keep their present keys could send them again,
and others could create new ones.

The web of trust model does not lend itself easily to key expirations,
because this requires you to frequently get people to re-sign your key,
and to re-sign the keys of others. This creates the opportunity for the
"here's my new key, and I haven't got it resigned yet" attack. There
would have to be a fairly long overlap period between new and old keys,
during which time the old key signed the new key. Expirations would
complicate the system considerably.

--- Mike
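A toy model of the two mechanisms the post sketches, added here as an example rather than code from the message or from any real keyserver: keys with no known upload time get the six-month grace period, re-sent keys get a fresh one-year clock, and a replacement key is only chained to its predecessor while the old key is still live on the server and has signed the new one. The period lengths, the `KeyServer` class, and the simplified signature model (a set of signer key ids rather than real signatures) are all assumptions.

```python
"""Toy keyserver with expiry and a key-rotation overlap check.
Added example; not the post's own code. The signature model is a set of
signer ids, which stands in for verified certification signatures."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional

LIVE_FOR = timedelta(days=365)      # assumed: delete keys not re-sent within a year
LEGACY_GRACE = timedelta(days=182)  # assumed: existing keys get six months to live


@dataclass
class KeyRecord:
    key_id: str
    signers: set = field(default_factory=set)      # ids of keys that signed this one
    last_updated: Optional[datetime] = None        # None: upload time was never recorded


class KeyServer:
    def __init__(self, migration_time: datetime):
        # The moment the server starts recording upload/update times.
        self.migration_time = migration_time
        self.keys: dict = {}

    def import_legacy(self, key_id: str, signers=()) -> None:
        """A key already on the server before timestamps were kept."""
        self.keys[key_id] = KeyRecord(key_id, set(signers), None)

    def submit(self, key_id: str, signers, now: datetime) -> None:
        """Fresh upload or re-send of a key: resets its clock."""
        rec = self.keys.get(key_id)
        if rec is None:
            rec = KeyRecord(key_id)
            self.keys[key_id] = rec
        rec.signers |= set(signers)
        rec.last_updated = now

    def is_dead(self, rec: KeyRecord, now: datetime) -> bool:
        """Legacy keys die after the grace period unless re-sent; others after LIVE_FOR."""
        if rec.last_updated is None:
            return now > self.migration_time + LEGACY_GRACE
        return now > rec.last_updated + LIVE_FOR

    def expire(self, now: datetime) -> list:
        """Remove dead keys and return their ids (sorted, for determinism)."""
        dead = sorted(k for k, r in self.keys.items() if self.is_dead(r, now))
        for k in dead:
            del self.keys[k]
        return dead

    def rotation_is_continuous(self, old_id: str, new_id: str, now: datetime) -> bool:
        """True only during the overlap: the old key is still live on the server
        and has signed the new key. A bare "here's my new key" fails this check."""
        old = self.keys.get(old_id)
        new = self.keys.get(new_id)
        if old is None or new is None or self.is_dead(old, now):
            return False
        return old_id in new.signers


if __name__ == "__main__":
    # Constructed timeline: tracking starts at T0.
    T0 = datetime(1993, 1, 1)
    ks = KeyServer(T0)
    ks.import_legacy("legacy-A")                       # never re-sent
    ks.import_legacy("legacy-B")
    ks.submit("legacy-B", [], T0 + timedelta(days=30)) # owner re-sent it
    ks.submit("alice-old", [], T0)
    ks.submit("alice-new", ["alice-old"], T0 + timedelta(days=100))  # signed by old key
    ks.submit("mallory-new", [], T0 + timedelta(days=100))           # no chain to old key
    day200 = T0 + timedelta(days=200)
    print("expired at day 200:", ks.expire(day200))
    print("alice rotation ok:", ks.rotation_is_continuous("alice-old", "alice-new", day200))
    print("mallory rotation ok:", ks.rotation_is_continuous("alice-old", "mallory-new", day200))
```

The check in `rotation_is_continuous` is what makes the overlap period matter: once `expire` has removed the old key, even a properly cross-signed new key can no longer be verified against it, which is why the post calls for a fairly long overlap.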