[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] dealing with misplaced signatures
|
From: |
David Shaw |
|
Subject: |
Re: [Sks-devel] dealing with misplaced signatures |
|
Date: |
Wed, 1 Aug 2012 13:12:01 -0400 |
On Aug 1, 2012, at 12:33 PM, Daniel Kahn Gillmor wrote:
> On 08/01/2012 12:44 AM, David Shaw wrote:
>> hiding the packets is potentially harmful. [...]
>> hiding the packets from GPG prevents this repair from happening.
>> After all, if GPG doesn't get the packets, it can't move them to the
> right place. > This means the signatures are effectively lost,
>
> fwiw, in the cases where i've seen this, the packets in question are
> *already* in the correct place, they just happen to *also* be in the
> incorrect place, causing noise.
>
> We don't support "fixing" the problem where someone submits a signature
> packet after the wrong User ID, or attached to the wrong key entirely,
> and i don't believe we should.
I don't think anyone here has suggested that the keyservers repair anything.
For a start, they're not capable of it.
The question is whether the keyservers should hide obviously incorrect things
when passing keys back to clients, or pass back complete keys, including the
obviously incorrect things. My point is that if you expect GPG to be able to
fix a broken key, you need to pass back all the data, or GPG has nothing to
work from. If you are stating that in every case of this corruption that the
bad packets always exist in at least two places, and at least one of these is
in the correct place, then why are we having this discussion? Drop the packets
and be done with it.
David