> But they kind of do already, so I don't see the point here. They don't. Let's say a keyserver operator goes rogue and decides to drop 0xB44427C7 (my cert) from the keyserver network. Great, ten minutes later it gets replaced during the next sync. So the keyserver operator deletes it again. Ten minutes later it comes back. The keyserver operator sets up a cron job to delete it every ten minutes... and a week later other keyserver operators ask, "So why is it you're always missing this one certificate?"
I would be surprised if at least one keyserver operator today didn't do a second resync a minute after the first, just to make sure no certificates were getting dropped. > If there is doubt in the trustworthiness of a keyserver (operator), other > keyservers can execute the same verification process, and if discrepancy is > found, block deletion/all requests from the rogue keyserver until the issue > is > resolved. But that's not what you said. What you said is, the individual keyserver operator gets to decide whether the removal criteria has been met. Now you're saying, "well, other keyserver operators do, too, so other people get a say in it as well." Make up your mind, draft a formal proposal, and try again. :) _______________________________________________ Sks-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/sks-devel
