
Re: [Sks-devel] Blacklisting Keys


From: Yaron M. Minsky
Subject: Re: [Sks-devel] Blacklisting Keys
Date: Wed, 25 Feb 2004 21:13:52 -0500

Blacklisting keys is a complicated topic, and it's something I've done
some thinking and research about, but little implementation.  Here are a
few of the issues that come up.

      * How to specify blocked keys?  Do you use the whole-key-hash? 
        That's problematic in that a single new packet resuscitates the
        key.  That's often not quite the behavior you want.  You could
        specify the lead key packet, which is more robust, but has
        weirdnesses to it as well.  For instance, let's say I drop a
        nasty packet into someone else's key.  We'd like to be able to
        ban that packet without banning the whole key.
      * Should blocking be deep or surface?  Surface blocking just
        prevents the key from being seen by clients, but the data is
        still stored in the database.  This is reasonably good for
        blocking illegal content, but bad for dealing with denial of
        service attacks.
      * Deep blocking has its own problems, since it introduces
        persistent differences between different hosts, since it's hard
        to see how we could end up with a uniform idea of what keys need
        to be blocked.

There are more issues beyond these.  The easiest thing to add is surface
blocking by keyid.  We could then add some way of fetching from
centralized registries, and any keyserver could trust any registry it
chose to trust.  If something is going to be added, that seems like the
first thing.

y

-- 
|--------/            Yaron M. Minsky              \--------|
|--------\ http://www.cs.cornell.edu/home/yminsky/ /--------|

Open PGP --- KeyID B1FFD916
Fingerprint: 5BF6 83E1 0CE3 1043 95D8 F8D5 9F12 B3A9 B1FF D916
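
The trade-off between whole-key-hash, lead-packet and per-packet blocking described in the message above, as an added example that is not part of the original post and is not SKS code. Packets are constructed opaque byte strings, SHA-256 stands in for whatever digest a keyserver uses, and `serve`, `demo` and the key id `KEY1` are hypothetical names.

```python
import hashlib

def packet_hash(packet):
    """Digest of a single packet (SHA-256 is an assumption of this sketch)."""
    return hashlib.sha256(packet).hexdigest()

def whole_key_hash(packets):
    """Digest over every packet of a key, sorted so merge order is irrelevant."""
    h = hashlib.sha256()
    for p in sorted(packets):
        h.update(len(p).to_bytes(4, "big") + p)
    return h.hexdigest()

def serve(store, keyid, blocked_whole=(), blocked_lead=(), blocked_packets=()):
    """Surface blocking: filter at serve time; the stored data is never touched.
    Returns the packets a client would see, or None if the key is hidden."""
    packets = store.get(keyid)
    if packets is None:
        return None
    if whole_key_hash(packets) in blocked_whole:
        return None
    if packet_hash(packets[0]) in blocked_lead:  # packets[0] is the lead key packet
        return None
    # Per-packet ban: hide only the listed packets, keep the rest of the key.
    return [p for p in packets if packet_hash(p) not in blocked_packets]

# Constructed sample data standing in for OpenPGP packets.
LEAD = b"pubkey-packet:constructed"
UID = b"uid-packet:alice@example.org"
SIG = b"sig-packet:selfsig"
EXTRA = b"uid-packet:unwanted-addition"

def demo():
    store = {"KEY1": [LEAD, UID, SIG]}
    by_whole = {whole_key_hash(store["KEY1"])}
    by_lead = {packet_hash(LEAD)}
    before = serve(store, "KEY1", blocked_whole=by_whole)      # hidden
    store["KEY1"].append(EXTRA)                                # one new packet is merged
    after_whole = serve(store, "KEY1", blocked_whole=by_whole) # visible again
    after_lead = serve(store, "KEY1", blocked_lead=by_lead)    # still hidden
    after_packet = serve(store, "KEY1", blocked_packets={packet_hash(EXTRA)})
    return before, after_whole, after_lead, after_packet, len(store["KEY1"])

if __name__ == "__main__":
    print(demo())
```

In every case the store still holds all four packets, which is why surface blocking does nothing about storage-based denial of service.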





