On Sun, 29 Apr 2018, 19:04 Ari Trachtenberg, wrote:
>
> On Apr 29, 2018, at 12:20 PM, Moritz Wirth wrote:
>
>
> The last thing is about data protection - I am pretty sure the data in the
> reconciliation process is not encrypted (which would be useless for
> On Apr 29, 2018, at 12:20 PM, Moritz Wirth wrote:
> The last thing is about data protection - I am pretty sure the data in the
> reconciliation process is not encrypted (which would be useless for public
> data) but may also be required for data exchanges by GDPR - the same
That does not solve the problem with the data deletion - the key id can be
tracked to a person and would be therefore considered as personal Information
so you would be still required to delete the key id itself.
The other big problem is the data sharing over reconciliation and other methods
-
Moritz Wirth wrote:
> Given the fact that it is not possible to delete data from a keyserver
Of course this is possible. You can delete key by using the "sks drop "
command. Now, if I understand it correctly the key will immediately be re-added
because of gossiping keyservers. However, it would
Hi Moritz,
My understanding is that the section you quoted on the "right to be
forgotten" refers to the controller's (i.e. your) obligation to inform
_other_ controllers processing the data (in this case: other keyserver
operators who, through gossip, have a "copy or replication" of the
personal
My short response to all of that is: "meh".
Less briefly: Technically, I think you're right. The whole keyserver system
doesn't appear to work at all against GDPR. But equally, a _system_ like ours
doesn't seem a very likely target of any regulators. The law was mostly
envisioned to keep
Hi Fabian,
first of all, I am not a lawyer so you should not rely on my response as
it may be wrong :)
- The GDPR applies to all persons and companies who are located in the
EU or offering goods, services or who monitor the behavior of EU data
subjects - this means that all keyservers are
So,
As I understand it, GDPR concerns all EU citizen users of a site, regardless of
where the site is hosted. How does this affect keyservers? I've seen at least
one server going offline due to it. Should I be concerned as an American
keyserver host?
--
Fabian A. Santiago
OpenPGP: