On Sun 2015-03-22 10:33:01 -0500, Daniel Roesler wrote:
> I was under the impression that SKS verified signature packets both
> during upload and during gossip.
SKS does no cryptographic verification. :( Even if it were to start
doing verification, it's not clear how that would work with
certifications from keys it doesn't know about. And the introduction of
cryptographic verification would segment the SKS keyserver network into
those that do verification and those that do not; it's like applying a
filter -- it either needs to be done on all SKS instances or none of
them :/
--dkg
_______________________________________________
Sks-devel mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/sks-devel
