>> 1. What criteria should be met before a key is removed?
> 
> Owner of private key or owner of UID/email address requests it.

So far, so good.

>> 2. Who decides that the criteria have been met?
> 
> The keyserver operator the request is sent to.

Going off the rails.

>> 3. How are malicious removals prevented?
> 
> If owner of private key and owner of UID/email address disagree, the key
> stays off the servers. If they agree there should be no malicious removal.

Gone completely.

If a keyserver operator can decide that "the owner of this certificate
has requested its removal", how can the certificate owner's wish that it
NOT be removed be honored?  You're giving keyserver operators carte
blanche to remove certificates at will -- and that's a level of
authority they *mustn't* possess.

_______________________________________________
Sks-devel mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/sks-devel
