On 08/25/2010 01:19 PM, Robert J. Hansen wrote: > On 8/25/10 12:58 PM, Daniel Kahn Gillmor wrote: >> keyservers do no cryptographic verification whatsoever. I think this is >> (historically) for several reasons: > > [good reasons 0-3 skipped] > > 4) Asymmetric cryptography is computationally expensive. I would not > want to think about the CPU load of a keyserver that did verification of > every new certificate, user id, user attribute, etc., etc.
Keyervers receive relatively few new certifications each day, certainly
a small fraction of the number of requests they emit.
Compared to offering hkps service (HKP-over-TLS on port 443), i doubt
we'd notice a big computational cost differential, but i have no
quantitative data on that.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
