Ciao. Il 27/05/2012 11:23, Kristian Fiskerstrand ha scritto: > I too, agree, that this is something that should be considered. > > GnuPG is already doing its own cleaning up of the code for similar > reasons, something which was discussed back in April 2011 as well[0] > (and reminded me about [1], I had nearly forgotten about that) :)
I'm just a newbie here, but actually I'd like to see the same concept applied in a more general way: I think there is much garbage in the keyservers, even behind the PGP robo-signer. For example, I think that many keys are not used anymore, were created some times ago by some random people that then lost interest in PGP and just left it, maybe without even revoking it. I'm an example of that: lots of keys with my name date back to when I didn't really understand how keys worked (I managed to revoke most of them, but for some I really lost the private key). The mechanism I thought to is that: each piece of information in SKS has associated an expiry date, which can be renewed simply by reuploading that thing. This expiry date is communicated between SKS together with the piece of information itself. When if expiry date is reached, the server is allowed to drop that information. This way people can easily retain the things they're interested into (simply reuploading them regularly), while things not interesting to anyone anymore fade out. I don't know what expiry time frame we could consider acceptable: probably anything between one month and one year would make sense. Did you ever think at something like that? Giovanni. -- Giovanni Mascellani <mascell...@poisson.phc.unipi.it> Pisa, Italy Web: http://poisson.phc.unipi.it/~mascellani Jabber: g.mascell...@jabber.org / giova...@elabor.homelinux.org
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
