Re: [Sks-devel] Displaying user images on index page

[Thomas Sjögren]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Feb 25, 2004 at 12:53:22PM -0700, Chris Kuethe wrote:
> Blacklist of keys? X509 supports certificate revocation lists, why don't we,
> as the server admins, publish a list of key IDs, hashes that we won't serve.
> it's purely voluntary on the part of each server admin, but this way if I
> find an Evil Key, I refuse to hand it out on a webpage and publish this fact
> to the other admins who may or may not agree with my decision and react as
> they see fit.

To make this semi-automatic why not let the server sync revocation-lists
as well?
For example: An admin adds the keys he doesnt want to publish to a
local revocation-list, this list is then sent to the other servers,
renamed to remote.revocation (or whatever) so the admin of the new
server can check the list and compare it to his local one.
This can also work with a value-system; if three admins have added a key
to the revocation-list the key(s) will automatically be added to the
local list.

/Thomas
- -- 
== address@hidden | address@hidden
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQEVAwUBQD0iKtXAsD67qPj1AQL5EwgArwjY99X76ll/b81lItSigD14D0kVBRMf
2lG9FW5O2k8rukMAxVLHgZchzJwTSbfUqZI7Njist2ipbkHjcyPQV8ykzqcFo2t1
AG6OFWSq1Know/OOsoS/9HI0KpDD0LCtIMa6hE3HHkCe56szAGtDGfLONw9uXq5g
NFBxpzstvj2QICspaxXLklM1PJ4U+p9OZqqcmpKygh65Dri5zxic/I86pVOwOZOq
whI7cu8q2VwAY7LQX3OBXogb7W/JeGpnZpQsATX+mF2bxAuOrXq2IKPSLncdFJJe
lcVvjsgTinrSVeOX750QTBU3ccIexnolz8x2telLwXWjrU4DU+2u0w==
=kSks
-----END PGP SIGNATURE-----