Public keyservers are all well and good, but in these days of internet kiosks, personal mobile devices that get lost or replaced, people need private keyservers (the server is public, it stores private keys) as well to have easy access to their private key.
Of course, the private key is stored on the keyserver encrypted with a password not known even to the keyserver.
The private keyserver can offer value added in many ways. The keys should be protected by CAPTCHAs to thwart an attacker downloading many keys and doing an offline attack against all of them.
The keyserver can notify the key owner whenever anyone accesses his private key.
The keyserver can monitor the dark side of the internet, watching for lists of sniffed passwords, try them against all the private keys, and automatically issue key revocation certificates when a key is potentially compromised (and notifies the key owner).
Of course, the keyserver can additionally protect the key with an account with a username and password, but it should be stressed that it should be a different password than the one that protects the key, and the server can enforce that by trying the account password and variations against the private key.
This makes it inconvenient for the key owner to have to remember two different passwords, so it should be configurable to just use CAPTCHAs or other delaying methods (e.g., Hashcash).
No comments :
Post a Comment