Why Don’t We Clean Up The PGP Key Servers?

By Daniel Miessler on February 16th, 2006: Tagged as Information Security | Infosec | Privacy

I think the InfoSec community needs to make a push to purge the PGP key servers. I think it’d be nice to start off with a clean slate, you know? Virtually everyone I know has at least one public key up on a server that they no longer have the secret key for. It’s a cluster to the nth degree.

I just think it’d be nice to start fresh. Everyone who manages keyservers could send a series of notification emails to the addresses listed in their key database, and after like a year (or whatever agreed upon amount of time), the deletions would begin.

Worst case scenario is that some people need to re-upload their public keys. I think it’s a small price to pay given the resulting “fresh” feeling. I for one can’t stand looking at all those redundant, orphaned keys — it’s the OC in me I suppose.

Thoughts? Anyone agree?

  • Digg
  • Reddit
  • HackerNews
  • StumbleUpon
  • DZone
  • Google Bookmarks
  • Twitter
  • Facebook
  • del.icio.us
  • FriendFeed
  • Posterous
  • RSS
  • email
  

Comments

  • +1

    I think the operators of the keyservers disagree, though. In the past, I spent some time on the gnupg-users list, and every once in a while someone would ask how to delete their old unusable keys, and the keyserver operators would chime in with reasons about why it was a bad idea. I don't remember most of the reasons, but I was never quite convinced.
  • +1

    Hear Hear!
  • Daniel
    I'd be interested in hearing their reasons. I can see why not to allow arbitrary key deletion from users, but they should consider doing a "house cleaning".
  • I am deeply troubled by the PGP clutter. Seriously, this keep s me up at nights. ;)
  • Peoples' comments who don't use PGP don't count. ;)
  • I beg your pardon, but I actually do use PGP, daily. So there. Nuh.
  • Just saw your post on Digg, and yes, I think we've all lost the key (and passphrase) from the time we tried it first in 1998.

    pgpkeyserver # rm /var/spool/keys/* -rf
    pgpkeyserver #
  • Tortanick
    Like most PGP users I have at least one unrevoked public key from my early experiments lyeing around, I'd like to see this problem fixed too.

    My own suggestion would be to ban keys with infinite expirery dates. 3 years should be the absolute maximum. Any infinite timed keys in existance shall be given 3 years untill expery.
blog comments powered by Disqus

Twitter Microblog

twitter_icon      facebook_icon

Sample Original Content


Information Security

Tutorials and Primers

Culture & Society

Technology & Science

Politics

Philosophy & Religion

Miscellaneous

Tools & Projects


Blog Archives