1994-04-17 - Key Eater Needed. NOT!

Header Data

From: “Pat Farrell” <pfarrell@netcom.com>
To: cypherpunks@toad.com
Message Hash: 42cbd3dce47a8ef955e96e954b8d4ad2b1a9456a1de2af051465b9db534a049b
Message ID: <56611.pfarrell@netcom.com>
Reply To: N/A
UTC Datetime: 1994-04-17 19:46:01 UTC
Raw Date: Sun, 17 Apr 94 12:46:01 PDT

Raw message

From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sun, 17 Apr 94 12:46:01 PDT
To: cypherpunks@toad.com
Subject: Key Eater Needed. NOT!
Message-ID: <56611.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  Matthew J Ghio <mg5n+@andrew.cmu.edu>  writes:
> How about people just keep their keys, and the signatures, but they
> re-sign their own keys every six months or so?  In order to keep their
> keys on the keyserver, they must submit a PGP signed message to prove
> that they still have that key. If they don't, the key is assumed to be
> lost, and it is deleted.

I have no problem with periodic deletion of keys from keyservers. They are
interesting, but not a very important part of strong crypto (IMHO).

My objection is to anything that makes the key itself invalid over a period
that I don't chose.

I'm not sure what problem you are trying to solve. Loading the whole public
ring from the servers exceeds my definition of reasonable procesing now.
Since the number of keys keeps growing, I expect that it will never be
SOP to munge all of them. You will get keys directly, or get a few specific
ones on demand.

If you're just trying to save disk space on the keyservers, I'm not all that
sure it is worth the effort. Disks are cheap, and getting cheaper. But
your approach is as good as any. I know there are lots of keys on the
servers that are no longer active -- I collected a few hundred that I
exchanged with Phil K two years ago, and know many are unused starting with
strnlght, the folks at CERT, and Brad Cox's key of that vintage. Even if a
fair percentage, say 25% are dead, the savings are pretty trivial.

Pat

Pat Farrell      Grad Student                 pfarrell@cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key availble via finger          #include <standard.disclaimer>





Thread