| > If a user has to call into your keyserver to get a key before they can start a conversation with a new friend, as you're the sole authority who can decrypt the Merkle tree entries - does that introduce any problems? It would, but they're addressed by the total design. > And how will you authenticate shredding requests? Does that just happen out-of-band? Essentially, yes, it's out-of-band. The actual shredding isn't part of the protocol. The way I see it is, this only matters when the requestor's lawyers issue a takedown for their client's Personal Data (previously referred to erroneously as PII, though the distinction between the two jargony terms wasn't something I ever needed to care about). If I didn't take the steps outlined in this blog post, the director's operator would be in a precarious legal situation. But with this specification, the operator just queries their database for the in-scope records and deletes the stored key. How that's actually implemented in software, and how the operator verifies that the legal notice for the takedown is authentic, aren't problems I have a readily available solution for. There may not even be a one-size-fits-all solution here. As I've said, my goal isn't "GDPR Compliance". That's not a property I'm advertising. My goal is to create Key Transparency and a PKI without Authorities for the Fediverse. I simply don't want to make it logistically impossible for someone else to deploy this in the EU. |
Maybe the act of erasure should also be publicly recorded?