Why hashed User IDs is not the solution to User ID enumeration

Jerome Baum jerome at jeromebaum.com
Sat Jan 28 10:06:01 CET 2012


On 2012-01-28 09:26, Robert J. Hansen wrote:
> ... Short version: for no-modify to work with the existing keyserver
> network, everyone would have to make the cutover or else the network
> would drown in sync messages.  There's a real possibility that if just a
> few hosts didn't make the cutover that the keyserver network could go
> down, DDoSing itself into absolute oblivion as it desperately tried to
> sync keys infinitely.

Scenario 2a, until all keyservers are upgraded (even over a period of
years). Then just flip the switch to disable sync with old keyservers.

But I don't think no-modify makes sense anyway, like I said. Just an
interesting problem.


-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.
