Re: [openpgp] Modelling an abuse-resistant OpenPGP keyserver

ilf <ilf@zeromail.org> Fri, 12 April 2019 20:13 UTC

Date: Fri, 12 Apr 2019 22:13:00 +0200
From: ilf <ilf@zeromail.org>
To: openpgp@ietf.org
Message-ID: <20190412201300.GJ1226@zeromail.org>
Mail-Followup-To: openpgp@ietf.org
References: <87v9zt2y2d.fsf@fifthhorseman.net>
In-Reply-To: <87v9zt2y2d.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/DWpu7z1frW_GlzC1d6pZ8XucvSs>
Subject: Re: [openpgp] Modelling an abuse-resistant OpenPGP keyserver

Thanks a lot, great work!

I fixed some minor spelling, grammar and formatting - please excuse the 
amount of pull requests.

One question:

> Clients of an updates-only keystore cannot possibly use the keystore 
> for certificate discovery, because there are no user IDs to match.

I wonder about the definition of "certificate discovery" here. Even 
without UIDs, these keystores could be used for the *retrieval* of 
specific certificates whose fingerprint (or key ID) is known. This can 
be the case for signatures (over mails, software or documents) or 
keylists like in https://tools.ietf.org/html/draft-mccain-keylist

Maybe we would want to add "certificate retrieval" at least to the next 
sentence, which begins:

> However, they can use it for certificate update

I'm sure we can come up with a good wording - if my observation makes 
sense in the first place.

Happy to see this evolving.

-- 
ilf

If you upload your address book to "the cloud", I don't want to be in it.