by fwip 2493 days ago
I'm concerned about the key-removal functionality. The website (https://keys.tdjs.tech) reads: "Enter a message clearsigned with the key you wish to remove (message content is not important)"

My understanding of this is that anyone with a copy of anything you've ever signed can revoke your key. I hope I'm misunderstanding.


That is something glaringly obvious that I should have considered; thanks for pointing it out. I'll make the change to require a specific message.
Probably glaringly obvious (but in this case also), but you should make sure that the specific message starts with something highly conspicuous like "DAT KEYSERVER KEY REVOCATION REQUEST ID#<token>" to avoid social engineering someone with "Hey can you sign this token so I know you're you?".
The message has to be signed with the private key of the key so no one but the real owner can delete it. In fact, in the readme:

> If a user can prove that a key belongs to them (by signing a message with their private key) then they are able to remove their public key with no interaction needed from the server operator. Once a key is removed, it is removed from all servers in the pool.

This is a pretty fucking awesome idea.

To prove that you have the private key, they should send you a challenge message and make you send back that message with a signature. If you can send any signed message, anyone who has ever received a signed message from a person can upload it and revoke that person's key.
> If you can send any signed message

Reading the code, it does indeed allow any signed message: https://github.com/tdjsnelling/dat-keyserver/blob/12fa3e8389...

The attack that I believe fwip is concerned about is:

Alice sends an email to Bob and clearsigns the message. Bob, or anyone else who intercepts the email, is now able to paste that message into the form and remove Alice's key from the keyserver.

This could be mitigated by requiring it to be a specific message.

GnuPG generates a revocation certificate when you're creating a new key, import that and it requires no interaction from you or the keyserver operator. And it works even if you've forgotten the passphrase of your GPG key. Obviously you don't want to put that file anywhere public, and if it gets compromised you can just publish the file to the keyservers yourself and generate a new key.