Why do existing PGP key servers not perform e-mail verification? Wouldn't it help the problem of authenticating of public keys?
By e-mail verification/confirmation I mean a single e-mail sent to the public key e-mail address. The public key would only be published if the e-mail address owner confirms the key.
Some do. keyserver.pgp.com does for example and it's a useful precaution. However, it would not be sensible to rely on this or you'd be able to publish public keys - and undertake a spoofing attack or man in the middle attack - if you were to compromise someone's email account only and then submit a fake key!
The best way to ensure ownership is checking the fingerprint by word of mouth or some other, trusted, channel.
