-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alex L. Mauer wrote: > Peter S. May wrote: > >> I would think that it's important for keyservers to widely distribute >> the revocation certificates of revoked signatures. > > Agreed. But it's not important to distribute signatures that have been > revoked. > >> If the keyservers >> simply omitted revoked signatures from search results, how would a >> client know that this uid was revoked? > > Because the server could, and presumably would, still distribute > revocation signatures, but not the signatures they revoke.
Yeah. Posted before thinking. The revocations are still good without the uids themselves. >> Stripping data that isn't >> particularly useful is a job better left to the client. > > I disagree. Downloading the data only to discard it is a waste of time > and bandwidth. Again, such is true for the uids themselves. But revocations for uids that the client doesn't have might or might not be considered superfluous. Perhaps we find a revocation for a uid we don't have yet on one keyserver and discard it, then find that uid still available on another keyserver, not yet revoked. I have no idea how that's handled. None whatsoever. Tired PSM -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFSmqlei6R+3iF2vwRAtt2AJ4xPW0IB+O8upVxTfh9wpYdV9oylgCeMi5/ XsJKh/f//z5rOafDA4DGZqw= =WlmY -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
