Re: [Sks-devel] Implications of GDPR

[Mike O'Connor]

On 29/04/2018 7:54 PM, Fabian A. Santiago wrote:
> So,
>
> As I understand it, GDPR concerns all EU citizen users of a site, regardless 
> of where the site is hosted. How does this affect keyservers? I've seen at 
> least one server going offline due to it. Should I be concerned as an 
> American keyserver host? 
> --
>
> Fabian A. Santiago
>
> OpenPGP:
>
> 0x643082042dc83e6d94b86c405e3daa18a1c22d8f (current key)
>  0x3c3fa072accb7ac5db0f723455502b0eeb9070fc (to be retired / revoked)
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel

I'm thinking the problem is much simpler than its being made out to be.
For the data to have got in to the SKS system the user must push it
there. Its not like we are gathering the data in the background like FB
or Google, so its the users responsibility control the data and delete
it if needed.

I do think the SKS system need a way of being told by a key owner that
they want the data to be deleted, this then get propagated as an update.
Once all the peers of an SKS Server know about a deletion request all
the data (including the key could be deleted).

There might be a problem with a re-add loop even with the above rule so
maybe a local black list might be needed.

Any how my 2 cents worth

Mike