Additional note: Even when restricting append-only mode to the email field,
someone could upload keys for krypton...@domain.org to permanently store
the word "kryptonite" in the database. Also, one could use the first
characters of key IDs to store information, linking the keys together as
> I disagree that we have to do a trade off, mostly for technical
> reasons.
Let's call forbidden information 'kryptonite'. Kryptonite is bad stuff.
We don't want it on moral grounds or legal grounds. We would rather
shut down keyservers than have kryptonite on our systems. We then have
three
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I disagree that we have to do a trade off, mostly for technical
reasons.
The append-only database and gossip protocol only cares about
public key data, not additional key packet data (e.g. emails,
signatures, photos, etc.). So, it's entirely
To spare us all diving through list archives:
The keyserver network is in a lot of ways like a blockchain. In both
cases they are distributed ledgers where any change to the ledger is
propagated through to everyone with a copy of the ledger. (Blockchain
differs by adding more cryptographic