| === chris14_ is now known as chris14 | ||
| Juest | umm, can canonical remove unwanted keys from the ubuntu hkp server? | 04:17 |
|---|---|---|
| sudhackar | Hello Juest, do you maintain the hkp server? | 04:19 |
| Juest | sudhackar: i am just a user asking about the server | 04:21 |
| Juest | interesting, was that a highlight word for the right people? | 04:21 |
| sudhackar | sorry I was just trying to understand the rationale behind the demand | 04:21 |
| Juest | sudhackar: to answer your question, no, but i am just wondering about whatever exceptions are done with possible high risk cases of compromised keys | 04:22 |
| Juest | well i know its just public keys but yeah | 04:22 |
| Juest | is it not possible to accidentally upload private keys, correct? | 04:22 |
| Juest | excuse my stupidity, i should know this, i was just asking to double check something of my own | 04:23 |
| sudhackar | its a hockeypuck server - You can always read their doc | 04:24 |
| Juest | can others sync with the hkp server? i am not saying its happening right now but im wondering if its possible to have a malicious scenario where syncing would cause a wipe | 04:24 |
| sudhackar | I think its valid to treat it with such threat model but both hockeypuck and `gpg --keyserver .... --send-keys ....` can be checked | 04:32 |
| Juest | :) | 04:40 |
| Juest | was it thought before? | 04:41 |
| Juest | sudhackar: so they already have checks to prevent such case? | 04:42 |
| rbasak | Juest: I'm not an expert on gpg keys and keyserver, but my understanding is that if there's a compromised key then the private key holder can issue a revocation, and that is then carried by keyservers. So keys are never deleted as such. On the Launchpad end, users list their keys, so to get Launchpad to stop treating a key as valid, the user can remove it. I don't know if Launchpad pays attention | 09:15 |
| rbasak | to key revocations or not (I'd hope it does!) | 09:15 |
| === chris14_ is now known as chris14 | ||
| Juest | rbasak: ah right, thanks for your input :) i mean, what if someone is trying to erase their existence either because of their changed threat model or being a high risk person that is harassed | 17:54 |
| JanC | if you have such a problem and if you can't remove your own keys using the protocol you can always contact Canonical directly under GDPR rules | 19:02 |
| === Juesto is now known as Juest | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!