On 2011-12-17 17:15, MFPA wrote: > Since you don't log into a keyserver when you post, and keyservers > store data but do not perform cryptographic functions, this is pretty > much inevitable. The "keyserver-no-modify" flag could, in theory, > carry with it a requirement that modifications to a key were signed by > that key. But, once again, increased complexity and server load. And > what about propagating changes between keyservers?
I just thought about this and while the crypto overhead would always be there, my thinking is: If we're only adding, wouldn't a signature (e.g. of a hash of the sub-packet) be okay? This works fine in terms of propagation. -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
