On Wednesday 16 June 2010 19:10:17, Daniel Kahn Gillmor wrote:
> Do you have other suggestions? We should consider bringing a
> prioritized form of these to the sks-devel list.

A different approach might save even more bandwidth: Most keys do not change often. It is useless to download a key that has not changed. Thus the client could send a list of all keys it wants to check and the server could respond with a list of fingerprints and modification timestamps.

If the server wants to do its job (without TLS) especially well, then it signs this list and thereby solves a currently unsolved problem. This way you could even check whether a key update of your own has reached a (non-TLS) key server.

It would have to be decided whether this key server timestamp refers to the newest timestamp of a signature in the respective key (then the timestamp would be the same from all key servers and the client could check the local key to find out whether it has the current key) or to the timestamp of the last update on the key server (which would require the client to store the timestamp of the last key download for every key server).

CU

Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
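The client-side refresh decision under the two timestamp meanings discussed in the message above, as an added example that is not part of the original message or of any key server's code. The `Entry` layout, the function names and the sample values are assumptions, and the signed list is assumed to have been verified before these functions run.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    """One line of the hypothetical server response."""
    fingerprint: str
    timestamp: int  # seconds since the epoch

def plan_newest_signature(response, local_newest_sig):
    """Meaning 1: timestamp = newest signature in the key as the server holds it.

    local_newest_sig maps fingerprint -> newest signature time in the local copy.
    Returns (to_download, server_behind). The second list is how you would
    notice that your own key update has not reached this server yet.
    """
    to_download, server_behind = [], []
    for e in response:
        local = local_newest_sig.get(e.fingerprint)
        if local is None or e.timestamp > local:
            to_download.append(e.fingerprint)
        elif e.timestamp < local:
            server_behind.append(e.fingerprint)
    return to_download, server_behind

def plan_server_update(response, server, last_seen):
    """Meaning 2: timestamp = last update of the key on this particular server.

    last_seen maps (server, fingerprint) -> server timestamp recorded at the
    last download from that server (assumption: the client stores the server's
    own value, so no clock comparison between client and server is needed).
    """
    return [e.fingerprint for e in response
            if e.timestamp > last_seen.get((server, e.fingerprint), -1)]

# Constructed sample data; the fingerprints are placeholders, not real keys.
SAMPLE = [Entry("FPR_A", 150), Entry("FPR_B", 200), Entry("FPR_C", 300)]

if __name__ == "__main__":
    local = {"FPR_A": 100, "FPR_B": 250, "FPR_C": 300}
    print(plan_newest_signature(SAMPLE, local))
    seen = {("ks1", "FPR_A"): 150, ("ks1", "FPR_B"): 100}
    print(plan_server_update(SAMPLE, "ks1", seen))
```

Under the first meaning the client needs no per-server state; under the second it needs one stored value per key and server, which is the trade-off the message points out.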