dshaw at jabberwocky
Apr 3, 2009, 6:26 AM
Post #2 of 2
(534 views)
Permalink
|
|
Re: HKP client certificates (was: HKP keyservers over SSL)
[In reply to]
|
|
On Apr 3, 2009, at 8:46 AM, Werner Koch wrote:
> On Mon, 23 Mar 2009 18:56, dshaw [at] jabberwocky said:
>
>> communications, rather than the client to server communications. The
>> catch, of course, is that given how the keyserver gossip protocol
>> works, a given keyserver pool must be willing to exclude everyone who
>> does not similarly use client certs.
>
> You will end up with the usual trust problem. Why should a server
> trust
> a user certificate? Well, it would allow to actually implement the
> No-modify keyserver preference we set on new keys for ages. But how
> shall this work for revocations? A user without access to his secret
> key still needs a way to upload revocations. PKIs used beyond a
> closed
> user group just don't work.
I'm referring to the server to server communications, rather than the
client (GPG) to server communications. I.e. the SKS "gossip" protocol
it uses to exchange keys internally. I can see reasons why server A
might want to authenticate server B before it allows it to contribute
to the shared keyring. The catch is as I stated: you need to be
willing to exclude every server who doesn't use keys (and even gossips
with those who don't use keys), which is a nonstarter.
David
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
|
