HKP keyservers over SSL
freebsd-listen at fabiankeil.de
Sat Mar 28 18:11:53 CET 2009
David Shaw <dshaw at jabberwocky.com> wrote:
> On Fri, Mar 13, 2009 at 09:22:16PM +0100, Werner Koch wrote:
> > What we want is to make it harder to see what keys are fetched from the
> > keyserver: Obviously that should be done with TLS and we need to
> > authenticate the server to avoid MITM attacks. For the latter we have
> > several options:
> > 5. Forget about this all and implement it properly using an anonymizer
> > service. That service needs to batch up queries and insert dummy
> > queries. Should not be to hard to get this implemented in TOR.
> > The more I think about it, option 5 (enhanced TOR) looks more and more
> > promising. The basic question is why to come up with a limited
> > anti-surveillance mechanism if we could get a strong one as well. I am
> > pretty sure that a few years after the major keyservers will speak TLS,
> > real anonymity will be requested and then we can start from scratch.
> Personally, I like both options 1 and 5. I like the TOR idea (5) a
> lot. It's a clever way to work around some of the limitations of a
> public keyserver network. In the immediate sense, however, I see no
> reason to not support some of the other options as well. A
> TLS-wrapped hkp (1) does not affect a TOR implementation (and can, in
> fact, be used with a TOR implementation), and gives protection against
> casual snooping by a third party of which keys are being requested.
If the keyserver is properly setup as a location hidden
service, no third party should be able to snoop:
In related news, it would be great if more keyservers
were (additionally) reachable as location hidden services.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 195 bytes
Desc: not available
More information about the Gnupg-devel