Johan Wevers wrote: > David Shaw wrote: > > >>I'd be all in favor of an option where users could elect to filter out >>keys: that would put the user in control. Forcing your decision on >>others by stripping signatures is a very disturbing step. > > > Considering the behaviour of the GD, I'd say it's also a practical issue > about resources: if it keeps signing keys like this, an SKS server might > well be in need of seriously more hardware than it is now. Someone's got > to pay for that, amd I don't think all keyserver maintainers want to. >
Carrying out a full cleaning of keys stored on keyservers would seriously damage the WoT. Removing duplicated signatures however would probably have little impact, assuming you are removing only the newest ones and keeping any signatures with attributes set (notation data, policy URLs, revocation/expiry status). I think anything more drastic would require a serious overhaul of PKS infrastructure; I hope that (one day) we have keyservers that will prevent spambots from harvesting email address, eg. by requiring a challenge-response system (don't ask me how it would work). I have friends who currently don't want to use PGP because they fear that their keys will be uploaded to a keyserver, and then they will be spammed forever more. -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
