HKP keyservers over SSL

Werner Koch wk at
Fri Apr 3 15:09:55 CEST 2009

On Wed, 25 Mar 2009 01:17, dkg at said:

>>   3. Use a list of server certificate fingerprints and compare against
>>      them.  For example in the DNS which is secure enough for our threat
>>      model.  Recall that the servers can still track key requests.
> I don't think i understand this option.  Why is the DNS sufficiently
> secure here?

The idea is that we maintain a list of server certificate hashes and at
connection time we compare against that list and thus there is no need
to discuss about the so-called benefits of a root certificate.  

My threat model is a casual snooping attack and thus I consider DNS
secure enough; of course it depends on what you call casual attack.

That list could also be maintained on a website or signed by a few
trustworthy keys.  However that would immediately introduce a PKI again.

> ;)  I think a GNUNet service that focuses on distributing key material
> would be a great thing to have, but i don't see it replacing HKP any
> time soon, with all the HKP clients that exist.

Me too.  We have to live with HKP.  Look only on how hard it is to
convince people nut to use the old broken pgp keyservers.  We are trying
for years to abolish the sue of them but without much success.

> queries, users can opt to use tor or not without needing to change gpg,
> no?  Can't gpg users already use tor for keyserver lookups in fact?  (i
> haven't tried it myself).

Sure, you can.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list