Re: No-Keyserver (and other) flags on keys

2010-07-04 Thread MFPA
Hi On Monday 28 June 2010 at 7:12:02 PM, in mid:1613819.20100628191...@my_localhost, I wrote: On Monday 28 June 2010 at 4:41:16 PM, in mid:3b0f685a-8d39-4b8c-ac4e-d4e81ca4e...@jabberwocky.com, David Shaw wrote: auto-key-locate

Re: No-Keyserver (and other) flags on keys

2010-06-29 Thread Dan Mahoney, System Admin
On Mon, 28 Jun 2010, David Shaw wrote: I presently consider synchronization broken. If there were only one network of keyservers out there, and I didn't have to search multiple places when trying to sign or request a key, I might think otherwise, but this is not the case. See my alternate

Re: No-Keyserver (and other) flags on keys

2010-06-28 Thread John Clizbe
Dan Mahoney, System Admin wrote: I'm also not aware of how servers synchronize, but if it's a different protocol than the standard single-key-request protocol, then there's an easy metric to say don't hand out keys with this flag via this protocol. For SKS (taken from the current SKS

Re: No-Keyserver (and other) flags on keys

2010-06-28 Thread David Shaw
On Jun 28, 2010, at 12:47 AM, Dan Mahoney, System Admin wrote: On Sun, 27 Jun 2010, David Shaw wrote: However, you raise another question: How does a keyserver know who is uploading the key? At the moment, it doesn't. That would need to be addressed if you want keyservers to be able

Re: No-Keyserver (and other) flags on keys

2010-06-28 Thread MFPA
Hi On Monday 28 June 2010 at 4:41:16 PM, in mid:3b0f685a-8d39-4b8c-ac4e-d4e81ca4e...@jabberwocky.com, David Shaw wrote: auto-key-locate hkp://pgp.mit.edu hkp://subkeys.pgp.net hkp://some.other.server.etc ldap://even.a.ldap.server.works

No-Keyserver (and other) flags on keys

2010-06-27 Thread Dan Mahoney, System Admin
All, How difficult would it be to propose some kind of extension flag to the PGP key format that in essence says don't publish me to a keyserver. Note that I'm asking from a technical point of view, not a social (i.e. making servers support it) or IETF one (insert bikesheds here). My

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread David Shaw
On Jun 27, 2010, at 3:58 PM, Dan Mahoney, System Admin wrote: All, How difficult would it be to propose some kind of extension flag to the PGP key format that in essence says don't publish me to a keyserver. Note that I'm asking from a technical point of view, not a social (i.e. making

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread Dan Mahoney, System Admin
On Sun, 27 Jun 2010, David Shaw wrote: On Jun 27, 2010, at 3:58 PM, Dan Mahoney, System Admin wrote: All, How difficult would it be to propose some kind of extension flag to the PGP key format that in essence says don't publish me to a keyserver. Note that I'm asking from a technical point

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread David Shaw
On Jun 27, 2010, at 4:27 PM, Dan Mahoney, System Admin wrote: On Sun, 27 Jun 2010, David Shaw wrote: On Jun 27, 2010, at 3:58 PM, Dan Mahoney, System Admin wrote: All, How difficult would it be to propose some kind of extension flag to the PGP key format that in essence says don't

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread Grant Olson
On 6/27/10 4:27 PM, Dan Mahoney, System Admin wrote: On Sun, 27 Jun 2010, David Shaw wrote: On Jun 27, 2010, at 3:58 PM, Dan Mahoney, System Admin wrote: How difficult would it be to propose some kind of extension flag to the PGP key format that in essence says don't publish me to a

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread Dan Mahoney, System Admin
On Sun, 27 Jun 2010, David Shaw wrote: It's a flag that can be set on a key user ID, similar to cipher or compression preferences. Run --edit-key on a key, and enter showpref or pref. You will probably see a mention of Keyserver no-modify (or no-ks-modify). You can turn it on and off with

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread John Clizbe
Dan Mahoney, System Admin wrote: The ones I've seen have enough awareness of what's in a key to pull a key apart and determine who's signed it, when, and when it's expired. Is there more than that to read these bits? Again: step zero may be to determine what the internal format is.

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread Grant Olson
On 6/27/10 9:23 PM, Dan Mahoney, System Admin wrote: On Sun, 27 Jun 2010, David Shaw wrote: At the moment, it doesn't. That would need to be addressed if you want keyservers to be able to reject a no-ks-modify key. One way to do it is to only accept key updates that are signed by the key

Re: No-Keyserver (and other) flags on keys

2010-06-27 Thread David Shaw
On Jun 27, 2010, at 9:23 PM, Dan Mahoney, System Admin wrote: On Sun, 27 Jun 2010, David Shaw wrote: On Jun 27, 2010, at 7:50 PM, Dan Mahoney, System Admin wrote: It's effectively a no-op though, as no server supports it. I'm looking into making mods to at least one server type (we run