On Fri 2016-09-16 16:17:41 -0400, Brian Minton wrote: > One possibility would be to have the keyserver sort by the time the > key was first seen. That way, there'd be a slightly lower chance of > getting an impostor's key. Going by the creation date is not very > useful, since impostors could create their key with whatever creation > date they like. It would still be insecure without fingerprint > verification, but it would perhaps provide a modicum of security.
This goes back to asking the keyservers to operate as trusted parties,
though, which is not something we've traditionally asked of keyserver
operators.
It is also unclear what this means for a new keyserver. When i set up a
new keyserver, it sees all existing keys at the same time. and when new
keys are introduced, they propagate through the network in different
orders. Should the ordering i get back differ from keyserver to
keyserver?
--dkg
signature.asc
Description: PGP signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
