Talk:Key server (cryptographic)

From Wikipedia, the free encyclopedia

This article is part of WikiProject Cryptography, an attempt to build a comprehensive and detailed guide to cryptography on Wikipedia. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks.

[edit] List of keyservers?

Wouldn't this be an appropriate page to list some indices of popular keyservers? -- anon

Perhaps, although we want to avoid adding lots because Wikipedia discourages large directories of external links. One idea would be to link to a page which lists lots of key servers. — Matt Crypto 07:13, 11 Mar 2005 (UTC)

Matt, could you make this a redirect to Key server (cryptographic), I made a disambiguation and started expanding the article. But, I don't think I have access privileges to make a redirect. I'm not 100% sure I did the disambiguation correctly, so feel free to make what ever changes. Thanks. — V. Alex Brennen Fri Nov 4 10:21:57 EST 2005

PGP Corp. has created a centralized keyserver due to the difficulty of implementing the openpgp protocol. Many existing keyservers have difficulty handling subkey packets (damaging them), and ignore many other important types of packets altogether. Therefor, people are probably better to run with their default configurations for now rather than making use of listings. — V. Alex Brennen Thu Sep 29 12:41:09 EDT 2005

Righty, that's done. — Matt Crypto 19:04, 4 November 2005 (UTC)

[edit] Web of trust

This article really doesn't deal much with the role of the public key server in the web of trust. Some mention of the fact that many public key servers enable other users to update your public key with their trust certifications (signatures) would be useful, as this is one of the advantages of this over other distribution methods. It would also bear mentioning that many of these servers communicate information about key revocation.

Some mention of synchronization between various public key servers and its consequences would also be useful.

Barring negative reaction, I would happily make these changes.
Reskusic 19:20, 8 March 2007 (UTC)

I think this would be a wonderful addition. Key Revocation is one aspect that I think is really missing in the article. I think this is needed as this is how the "plaque" problem is supposed to be addressed. Old signatures (pre-revocation) would then still be treated as valid and the problem of bogus keys would be averted.

It might also serve to point out that relying solely on the newer PGP Open directory could lead to potential identity errors as revocations would fall off the server instead of pointing out unreliable signatures.

ZZ (talk) 16:35, 22 February 2008 (UTC)

[edit] Weaken security

This section is really confusing in my opinion. It looks like PGP is somehow less secure than the whole PKI? There's no difference between publishing certificates/keys which are public. This sounds like a typical security by obscurity, and it's sounds weird. Every security system can be broken and PGP is not an exception. If the attacker cannot obtain your public key, means nobody can means there's no way for the people in the Net to tell who you are, means PGP/PKI is useless - anonymous. —Preceding unsigned comment added by 193.41.16.26 (talk) 09:38, 25 September 2007 (UTC)