Keyserver thoughts (was Re: How to update a self-signature?)

David Shaw <dshaw@akamai.com> Tue, 28 August 2001 13:57 UTC

Date: Tue, 28 Aug 2001 09:38:49 -0400
From: David Shaw <dshaw@akamai.com>
To: ietf-openpgp@imc.org
Subject: Keyserver thoughts (was Re: How to update a self-signature?)
Message-ID: <20010828093848.A9190@akamai.com>
Mail-Followup-To: ietf-openpgp@imc.org
References: <p05100303b7aaf65aff68@[192.168.1.180]> <008601c12c52$1b6181c0$c23fa8c0@transarc.ibm.com> <p0510031fb7ab945664e5@[192.168.1.180]> <002b01c12d74$b105fb20$c23fa8c0@transarc.ibm.com> <20010827094849.A26895@akamai.com> <87y9o5imcn.fsf@alberti.gnupg.de> <20010827123540.A834@akamai.com> <87y9o5gwzj.fsf@alberti.gnupg.de> <20010827165900.D834@akamai.com> <87d75ghbhv.fsf@alberti.gnupg.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <87d75ghbhv.fsf@alberti.gnupg.de>; from wk@gnupg.org on Tue, Aug 28, 2001 at 09:47:24AM +0200
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk

On Tue, Aug 28, 2001 at 09:47:24AM +0200, Werner Koch wrote:
> 
> On Mon, 27 Aug 2001 16:59:00 -0400, David Shaw said:
> 
> > sort of sanity checking there.  Either way, I think it's safe to say
> > that incorrect clocks are out of the scope of 2440!
> 
> Keyserver may want to discard signature which are timestamped more
> than a few days in the future.  This should greatly help not to spread
> erroneous signatures.

Yes, indeed.

I've often thought it would be good if keyservers could trim keys on
the way out - leaving off invalid signatures, expired subkeys, expired
signatures, etc.

It would be optional and allow someone to request the complete key if
they want it.  Computer programs that try to be "smart" often raise
unforseen problems.

David

-- 
David Shaw          |  Technical Lead
<dshaw@akamai.com>  |  Enterprise Content Delivery
617-250-3028        |  Akamai Technologies

Diffs for next draft Jon Callas
Re: Diffs for next draft Werner Koch
Re: Diffs for next draft Jon Callas
Re: Diffs for next draft Edwin Woudt
Re: Diffs for next draft Jon Callas
Encoding of "features" subpacket Michael Young
Re: Diffs for next draft Michael Young
Re: Encoding of "features" subpacket Jon Callas
Re: Diffs for next draft David Shaw
Re: Diffs for next draft David Shaw
Re: Diffs for next draft Jon Callas
Klima/Rosa attack (was: Re: Diffs for next draft) Edwin Woudt
Encoding "secret key is hashed" Michael Young
Re: Klima/Rosa attack (was: Re: Diffs for next dr… Ingo Luetkebohle
Re: Encoding "secret key is hashed" Edwin Woudt
Re: Encoding "secret key is hashed" Werner Koch
Re: Encoding "secret key is hashed" Michael Young
Re: Encoding "secret key is hashed" Michael Young
Re: Encoding "secret key is hashed" Ingo Luetkebohle
Re: Encoding "secret key is hashed" Werner Koch
Re: Encoding "secret key is hashed" Michael Young
Re: Diffs for next draft Jon Callas
Re: Diffs for next draft David Shaw
Re: Diffs for next draft Werner Koch
How to update a self-signature? Michael Young
Re: How to update a self-signature? David Shaw
Re: Diffs for next draft Florian Weimer
Re: How to update a self-signature? Werner Koch
Re: How to update a self-signature? Derek Atkins
Re: How to update a self-signature? Florian Weimer
Re: How to update a self-signature? David Shaw
Re: How to update a self-signature? David Shaw
Re: How to update a self-signature? Derek Atkins
Re: How to update a self-signature? Werner Koch
Re: How to update a self-signature? David Shaw
Re: How to update a self-signature? Werner Koch
Keyserver thoughts (was Re: How to update a self-… David Shaw
Certification revocation -- identifying the revok… Michael Young
Re: Certification revocation -- identifying the r… Thomas Roessler