Re: [Sks-devel] SKS should not accept or replay non-exportable certifica

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] SKS should not accept or replay non-exportable certifica

From:	John Clizbe
Subject:	Re: [Sks-devel] SKS should not accept or replay non-exportable certifications
Date:	Fri, 13 Sep 2013 18:51:33 -0500
User-agent:	Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0 SeaMonkey/2.21

Daniel Kahn Gillmor wrote:>
> Someone™ (0x75D292D353ADACCD) made a non-exportable certification on
> your user ID "John P. Clizbe <address@hidden>"
> (2048R/0x2313315C435BD034).  Someone else uploaded that key to a
> keyserver (ok, i admit it was me :P).  The keyserver network is
> currently propagating that non-exportable certification, in
> contravention of the OpenPGP standard.

Well, thank you for at least admitting your key vandalism.

And because "you", err "Someone™", made and uploaded a regular local signature
as opposed to a self-sig, it gets cleaned when I refresh my key. GPG won't
import your bogus sig -- I suppose it could be forced to do it, but I'm really
not interested in your self-created corner-case. To me, that's the system
operating as it should. There's LOTS of cruft out there on the keyservers and
in most cases, the clients handle it.

BTW: childish stunts such as this ARE NOT the way to sway or to win my
opinion. They are more likely to lead me to the opinion that the perpetrator
is overly prone to extreme histrionic outbursts.
(As some friends of mine would say, "OH MARY! @_@ The drama-llama called. He
wants his hump back." or "Drama Queen, take your Drama-meen.")

>> There is nothing to fix here, either in SKS or in GnuPG. The thread on
>> GnuPG-users has the needed discussion.
>
> I don't think this conclusion is warranted.

Then code the patch and quit the hissy-fit. Note -- honoring the
not-exportable flag on a self-sig breaks the standard in IMO a worse way,
UID(s) without binding sig(s).

I agree with Werner and Dave Shaw that you are wrong. If you are so convinced
you are correct, post, with _ALL_ the particulars not just those that support
your stance, to the IETF-OpenPGP list and get their opinion.

As some of the other posters on the GnuPG-Users thread pointed out, there are
other ways _within_ the standard to handle what you want to get accomplished.
Key vandalism and histrionics do not advance your cause.

-- 
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:address@hidden

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] SKS should not accept or replay non-exportable certifications, Daniel Kahn Gillmor, 2013/09/12
- Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Phil Pennock, 2013/09/12
  - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, John Clizbe, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Daniel Kahn Gillmor, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Robert J. Hansen, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Daniel Kahn Gillmor, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Robert J. Hansen, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Christoph Anton Mitterer, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Robert J. Hansen, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Christoph Anton Mitterer, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, John Clizbe <=
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Robert J. Hansen, 2013/09/13
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Daniel Kahn Gillmor, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Robert J. Hansen, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Daniel Kahn Gillmor, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, John Clizbe, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Jason Harris, 2013/09/14
    - Re: [Sks-devel] SKS should not accept or replay non-exportable certifications, Phil Pennock, 2013/09/15
    - [Sks-devel] SKS should not accept or propagate User IDs with no self-sigs [was: SKS should not accept or replay non-exportable certifications], Daniel Kahn Gillmor, 2013/09/17
    - Re: [Sks-devel] SKS should not accept or propagate User IDs with no self-sigs [was: SKS should not accept or replay non-exportable certifications], ClarusComms OpenPGP Services, 2013/09/18
    - Re: [Sks-devel] SKS should not accept or propagate User IDs with no self-sigs [was: SKS should not accept or replay non-exportable certifications], Johan van Selst, 2013/09/18

Prev by Date: Re: [Sks-devel] SKS should not accept or replay non-exportable certifications
Next by Date: Re: [Sks-devel] SKS should not accept or replay non-exportable certifications
Previous by thread: Re: [Sks-devel] SKS should not accept or replay non-exportable certifications
Next by thread: Re: [Sks-devel] SKS should not accept or replay non-exportable certifications
Index(es):
- Date
- Thread