-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Jun 2000, Tsolis, Kristen wrote:
I'm going to try to keep this operational, but it's hard because you're going to find that support for making a robust keyserver network hinges upon people agreeing that such a service is needed, and many PGP users are going to tell you that such a keyserver violates the PGP trust model.
Discussion in detail as to why that's so is seriously off-topic, and so I'm not going to try to defend the point one way or the other; I'm merely commenting that many PGP users will think it's so, and that's enough for the purposes of this discussion.
I don't think it is. You can't make a statement like that (when every indication says that the opposite is true) and expect people to "accept for the sake of discussion" that it is true. Keyservers are purely distribution outlets. They have no bearing on the PGP Web of Trust. (You're right that this is probably off-topic for NANOG, which is why I suggested we move the discussion to keyserver-folks, but I just wanted to point out that I don't see how/why anyone would think that a reliable keyserver network would negatively impact the web of trust. That list can be joined by sending mail to: pgp-keyserver-folk-subscribe@flame.org ) In fact, such a network would improve the Web of Trust immensely, because signatures and signature revocations would propogate more quickly and thoroughly. Nothing but good can come out of a stable robust keyserver network. __ L. Sassaman System Administrator | "Everything looks bad Technology Consultant | if you remember it." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Homer Simpson -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE5WOFVPYrxsgmsCmoRAnrJAJ9+NFayvxVZKs2FYSSUotu2k4WRhwCdHi4S R/fRLvw/rTFyyDvuZrhl2S0= =hwdP -----END PGP SIGNATURE-----
On Tue, Jun 27, 2000 at 10:15:57AM -0700, L. Sassaman wrote:
Discussion in detail as to why that's so is seriously off-topic, and so I'm not going to try to defend the point one way or the other; I'm merely commenting that many PGP users will think it's so, and that's enough for the purposes of this discussion.
I don't think it is. You can't make a statement like that (when every indication says that the opposite is true) and expect people to "accept for the sake of discussion" that it is true.
I don't expect anybody here to accept that it is true. Not one. I only expect you to accept that a very large portion of PGP users believe it. Whether they're correct or not is completely irrelevant to the discussion at hand, and further is horribly off-topic, whereas the *FACT* that they do believe it in significant quantity is of relevance to determining whether or not it makes economic sense to try to put together the kind of widespread cooperation that will be necessary to make this as robust as DNS, which was what we were using as our benchmark. The one discussion is semi-operational; the other is completely not. I won't get into the other here.
participants (2)
-
L. Sassaman
-
Shawn McMahon