Derek Atkins writes:
is a URL just too big? My sigs are already several lines long. E.g.,
Key: ftp://ftp.clark.net/pub/cme/cme.asc
IMHO, yes. Consider for a minute: there are currently about 20000 PGP keys on the public keyservers. There are about 30000 signatures on those keys. The keyrings are already 8MB or more.
Now, consider adding a URL to every signature. Lets even use your URL, which is 35 characters long (and lets not even count the NULL or length byte). Adding this URL to 30000 signatures would add 1050000 bytes, or just over 1MB. This is an increase in 12% of the keyrings!
Yes, but we have to assume that the need for central key servers would go away if we had a way of distributing the data around, which would reduce the problem substantially...
On the other hand, using my method and your "URL" (clark.net) would add only 10 bytes per sig, or 300k. This is only a 4% increase.
By the way, a lot of this discussion should probably also be taking place on SPKI. Perry