A couple of ideas for PGP-based programs
Jiri Baum
jirib at sweeney.cs.monash.edu.au
Mon Jan 8 03:34:43 PST 1996
-----BEGIN PGP SIGNED MESSAGE-----
Hello cypherpunks at toad.com
and Alan Olsen <alano at teleport.com>
...
> 1) Something I would like to see on the keyservers for PGP is a way of
> retreving all of the key revokations since x date without having to get all of
...
Probably a good idea (that, and/or have a mailing list with key revocations).
How about it, keys.pgp.net people?
> 2) I would like to see a program like private Idaho have the ability to send
> mail to the key server and grab all of the "unknown signator" keys.
...
This is very easy, at least in Unix: pgp -kvv, grep, cut, for.
In DOS, you can do pgp -kvv and find, then edlin to change
every "sig" into "call getkey", call the resulting (batch) file,
which will call GETKEY.BAT for every missing key. I hope.
However, I don't see much of a point to it: these are people you don't
even know the keys of; how are you going to know whether they are
trustworthy? (The Web-o-Trust can only tell you who they are, not
whether to trust them.)
...
> This would
> have the interesting effect of building a more complete keyring, while using
> the "web of trust" to weed out alot of the bogus keys that tend to crop up on
> the key servers. After n number of itenerations you would have more of the
> "important keys" and the ones that have little or no signage would be left to
...
No, you wouldn't. You would tend to have the keys that sign a lot
of other keys, which would include both SLED (Four-11) and a lot
of careless people that sign every key in sight.
How about, instead:
3) A way to retrieve all the keys signed by a given entity.
This would have the effect that when you come to trust Alice, you
can simply go and get all the keys she signed. I believe the present
keyservers don't allow that... (Or else I don't know how to ask for it.)
Hope that makes sense...
Adiau - Jiri
- --
If you want an answer, please mail to <jirib at cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMPD/cSxV6mvvBgf5AQEAoQP+MB78qOcXqqXp8XKh8y/UCD7QW1SDN9WX
XMEYQqQijHE1JCwYBlvhtRdqunPJODGBOhN+EVNG8OBrSzQZGkWeRxa+ThhQ+E4L
dwB5WYRzjzDWTNxA1UW1W994Z+FzCUE0OouOiOLOCrstnlnJ6rEY0+NCzieQkx0L
Bf5pVdsEUJg=
=dkEp
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list