0xdeadbeef comes of age: making keysteak with GnuPG

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Oct 10 17:47:28 CEST 2014


On 10/10/2014 11:06 AM, David Leon Gil wrote:
> (In summary: If you don't use the WoT, get OpenPGP keys via HTTPS.
> E.g.: keybase.io or pgp.mit.edu (the latter thanks to Yan Zhu's
> lobbying).)

If we're going to advocate for accessing keyservers via https (which i
think is a lovely idea, even if it doesn't mitigate all possible
attacks), it's worth advocating for the well-curated
hkps.pool.sks-keyservers.net [0], rather than encouraging everyone to
flood either https://keybase.io or https://pgp.mit.edu with traffic.

I agree with David and Thijs that OpenPGP v3 keys are long overdue for
the chopping block.

	--dkg

[0] https://sks-keyservers.net/overview-of-pools.php#pool_hkps

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141010/f8a5409a/attachment.sig>


More information about the Gnupg-devel mailing list