> How long do we have now those old fashioned key servers

SKS came out in 2003. It largely replaced PKS, which was widely considered old and broken. SKS was Yaron Minsky's Ph.D. thesis, wherein he developed some really cutting-edge math to make key sync fast and reliable.

"Old-fashioned" is not the phrase I'd use to describe something considerably newer than GnuPG.

>, and was
> there ever been made attempts by the software maintainers to
> modernize the code

It's from 2003. It doesn't need modernization.

Keyservers are designed the way they are for a reason. If keyservers *never ever discard or modify existing data*, then you can easily identify any code which theoretically might be able to discard data as a bug, a vulnerability, or tampering with it by a malicious actor. It makes code review easier and it makes it difficult for repressive regimes to surreptitiously take down certificates belonging to dissidents.

This "we never discard or modify existing data, we only ever add new data" rule has some *really really nice* properties for information security. However, it also comes with a downside: we can't discard or modify existing data. It's a package deal.

When SKS was being built in the early 2000s there were vigorous discussions about what properties we wanted in a keyserver. We knew exactly what we were getting into. Please, learn why it was built before you go about saying it was built badly.

> The old pgp.com key server solved those problems also nicely, if i
> remember correctly.

I worked at PGP Security during that time period. It really didn't. If we'd received a court order compelling us to remove a cert from the keyserver and not tell anyone, we could have complied. That gave the flaming heebie-jeebies to at least three engineers on the floor, including the keyserver admin, a guy named Randy Harmon.

Whether you embrace an "our keyserver can delete things" or "our keyserver is delete-free" model, that decision has immediate consequences you will not like.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users