How to handle photoID on keyserver? (Re: photo support?)

Hironobu SUZUKI <hironobu@h2np.net> Tue, 02 July 2002 02:26 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA13814 for <openpgp-archive@odin.ietf.org>; Mon, 1 Jul 2002 22:26:47 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g622GAT28240 for ietf-openpgp-bks; Mon, 1 Jul 2002 19:16:10 -0700 (PDT)
Received: from blue.h2np.net (bule.h2np.net [210.145.219.253] (may be forged)) by above.proper.com (8.11.6/8.11.3) with ESMTP id g622G8w28235 for <ietf-openpgp@imc.org>; Mon, 1 Jul 2002 19:16:09 -0700 (PDT)
Received: from mail.h2np.net (IDENT:hironobu@pc [192.168.1.10]) by blue.h2np.net (8.9.3/8.9.3) with ESMTP id LAA29680 for <ietf-openpgp@imc.org>; Tue, 2 Jul 2002 11:17:11 +0900
Message-Id: <200207020217.LAA29680@blue.h2np.net>
From: Hironobu SUZUKI <hironobu@h2np.net>
To: ietf-openpgp@imc.org
Subject: How to handle photoID on keyserver? (Re: photo support?)
In-reply-to: Your message of "Mon, 01 Jul 2002 21:11:05 +0200." <ilusn33qn5i.fsf@latte.josefsson.org>
Date: Tue, 02 Jul 2002 11:16:11 +0900
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>


Hi, 

I have some questions about PhotoID  in public keyserver. 

  Note: public keyserver means "key server which is open to the
        public". 

  See also:
         http://galileo.spaceports.com/~jharris/keyserver.html


1) Size issue: 

  If 3% public keys have 1280 x 960 jpeg photo, Public keyserver will
  require storage area more than 13.7GB (at least).

   a) 1280 x 960 jpeg is used the default size of many digital camera.
   b) ((300 * 2^10) * (1.6 * 10^6 * 0.03)) / (2^30) = 13.732
   c) 1.6Mkeys have been submitted into current public keyserver
      and key dump size is almost 2GB.
   
2) Privacy issue:

  Someone who is not owner of that public key can put public key
  with PhotoID into public keyserver.  And everyone can get someone's
  public key with PhotoID.

I think that most OpenPGP users concern privacy issue.  Size issue
become problem to some public keyserver sites.  From my experience,
entire of storage size for handling public keysever may require 4
times (or more) of whole of public keys. I mean if dump key size is
15GB, HDD size is required 60GB at least.

In my opinion, if public key with photoID is submitted public
keyserver, public keyserver remove photoID and related signature
packets and store the remains of packates into database.

Regards,

-- 
Hironobu SUZUKI
E-Mail: hironobu@h2np.net
URL: http://h2np.net