On Fri 2016-09-16 16:17:41 -0400, Brian Minton wrote:

> One possibility would be to have the keyserver sort by the time the
> key was first seen.  That way, there'd be a slightly lower chance of
> getting an impostor's key.  Going by the creation date is not very
> useful, since impostors could create their key with whatever creation
> date they like. It would still be insecure without fingerprint
> verification, but it would perhaps provide a modicum of security.

This goes back to asking the keyservers to operate as trusted parties,
though, which is not something we've traditionally asked of keyserver

It is also unclear what this means for a new keyserver.  When i set up a
new keyserver, it sees all existing keys at the same time.  and when new
keys are introduced, they propagate through the network in different
orders.  Should the ordering i get back differ from keyserver to


Attachment: signature.asc
Description: PGP signature

Sks-devel mailing list

Reply via email to