me a long time ago and so many people: wait there is no way to delete anything from pgp keyservers ever, including real names (of course deadnames), email-addresses and photos, what is wrong with you people and in what world do you live in

pgp: it's a feature

people: *exploit that for evil in an obvious attack*

pgp: [surprised pikachu]

and really "it's not technically possible" means "no one implemented it before and it's all so messily abandoned no one really wants to", it would be totally possible to add an authenticated, mostly empty, "deleted key" entry that would let keyservers purge matching keys and propagate the deletion, or something

Show thread

@CobaltVelvet // well, technically keyservers are the first true blockchains, but it applies a form of reverse-anthropologism to individuals: it wants people to act as dehumanized piece of hardware, like "don't hide, mask or duplicate yourself or you'll ruin the web (of trust) we're building all together".

// Secure IT is both a tool of empowerment and slavery. it's just how you design and expect it to act that defines the whole goal.

@3D63 yes but also it's an implementation detail, the dataset itself (the wot) is a big graph and can be managed as one, so we could rather easily remove data

but really i'm against it as a whole, an entirely public wot has so many issues inherent to it

@CobaltVelvet // frankly, I though updating your key, revocating enough datas nor altering things could already be enough, the recent attack showed me it's not.

// but I also never was fond of of those FOSS keysigning party where national IDs are praised and valued as the only part of defining an individual as one.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!