[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Key Eater Needed. NOT!
Matthew J Ghio <[email protected]> writes:
> How about people just keep their keys, and the signatures, but they
> re-sign their own keys every six months or so? In order to keep their
> keys on the keyserver, they must submit a PGP signed message to prove
> that they still have that key. If they don't, the key is assumed to be
> lost, and it is deleted.
I have no problem with periodic deletion of keys from keyservers. They are
interesting, but not a very important part of strong crypto (IMHO).
My objection is to anything that makes the key itself invalid over a period
that I don't chose.
I'm not sure what problem you are trying to solve. Loading the whole public
ring from the servers exceeds my definition of reasonable procesing now.
Since the number of keys keeps growing, I expect that it will never be
SOP to munge all of them. You will get keys directly, or get a few specific
ones on demand.
If you're just trying to save disk space on the keyservers, I'm not all that
sure it is worth the effort. Disks are cheap, and getting cheaper. But
your approach is as good as any. I know there are lots of keys on the
servers that are no longer active -- I collected a few hundred that I
exchanged with Phil K two years ago, and know many are unused starting with
strnlght, the folks at CERT, and Brad Cox's key of that vintage. Even if a
fair percentage, say 25% are dead, the savings are pretty trivial.
Pat
Pat Farrell Grad Student [email protected]
Department of Computer Science George Mason University, Fairfax, VA
Public key availble via finger #include <standard.disclaimer>