Modified user ids and key servers and a possible security risk?

Chris Knadle Chris.Knadle at
Thu Aug 26 01:45:07 CEST 2010

On Wednesday 25 August 2010 18:09:49 Hauke Laging wrote:
> Am Mittwoch 25 August 2010 20:37:08 schrieb Daniel Kahn Gillmor:
> > > [good reasons 0-3 skipped]
> > > 
> > > 4) Asymmetric cryptography is computationally expensive.  I would not
> > > want to think about the CPU load of a keyserver that did verification
> > > of every new certificate, user id, user attribute, etc., etc.
> > 
> > Keyervers receive relatively few new certifications each day, certainly
> > a small fraction of the number of requests they emit.
> > 
> > Compared to offering hkps service (HKP-over-TLS on port 443), i doubt
> > we'd notice a big computational cost differential, but i have no
> > quantitative data on that.
> And in contrast to TLS this CPU load can be postponed without serious
> consequences. If the load is high then new signatures could simply be added
> and checked later.

There's a problem with this idea, which is that there's no opportunity to 
notify the client that there was a problem if the check is done /later/.  If 
instead the computation is done at the time of the uploaded modification, then 
there's an opportunity for the server to notify the gpg client that there was 
a problem.

  -- Chris


Chris Knadle
Chris.Knadle at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100825/5d092291/attachment.pgp>

More information about the Gnupg-users mailing list