From: hughes@ah.com (Eric Hughes)
Date: Thu, 26 May 94 08:00:08 PDT
To: cypherpunks@toad.com
Subject: My 2.3a Key is listed as a 2.6 (Aaargh!)
In-Reply-To: <9405260835.AA24935@toad.com>
Message-ID: <9405261505.AA21318@ah.com>
MIME-Version: 1.0
Content-Type: text/plain


   Maybe  we should request to remove our keys?

Unfortunately, it wouldn't do much good.  The keyservers have no
exclude list, so even if they removed it, someone could reload it back
onto the keyserver and it would reappear.

This flaw is not, at root, a flaw with the keyservers but a flaw with
the key distribution in PGP.  You can't have a public key be anything
other than completely public, that is, you can't restrict the
distribution of a key in any way.

Why might not a key be made public?  The publication of a key sends a
message, and the message is this: "An identity of this name exists".
If you're worried about traffic analysis, you might well also be
concerned that there is knowledge that a particular key is being used
at all.  If you don't want everybody to be able to verify your
signatures, but wish to select those who may, PGP offers facility for
this.  There is no way to represent this desire syntactically and no
way to enforce the desire.

Why might not one want a key distributed?  It indicates use of
cryptography, for one, and, perhaps, the use of patent-infringing
cryptography.

Eric