On 16/01/18 15:54, Robert J. Hansen wrote:
> What Stefan and Listo want is some mechanism by which, if I have a copy
> of their public key, I can be prohibited from sharing that with a
> keyserver.

I think that's not really the issue. You can share the key all you want, it just won't be provided to others /by/ the keyserver, that is the crux. You could of course run your own keyserver if you want it to do something different.

I am in the possession of this very mail I'm typing now, yet I can't make it show up if somebody types in <https://gnupg.org/>. That doesn't mean that the GnuPG webserver is implementing DRM to prevent me from sharing my own e-mail. It's basic access control when only the operator can change the website, not DRM, and cryptography is used to facilitate the access control.

The mechanism to prove you are the owner of a public key is pretty much in place :-). A mechanism where you can have a signed statement saying "on 2018-01-16, I allow my key to show up on keyservers", and a signed statement saying "from 2018-04-01 on you should no longer expose this key to clients" is not DRM, IMHO, just authentication. Anybody could upload this statement to the keyserver. But it will only be cryptographically valid if *created* by the holder of the private key.

I'm not saying this is the way to go. Just that I don't see it as DRM as far as I understand.

This "right to be forgotten" is obviously management of restrictions on the dissemination of data. It's just not digital so far.

My 2 cents,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users