Why hashed User IDs is not the solution to User ID enumeration
jerome at jeromebaum.com
Sat Jan 28 10:06:01 CET 2012
On 2012-01-28 09:26, Robert J. Hansen wrote:
> ... Short version: for no-modify to work with the existing keyserver
> network, everyone would have to make the cutover or else the network
> would drown in sync messages. There's a real possibility that if just a
> few hosts didn't make the cutover that the keyserver network could go
> down, DDoSing itself into absolute oblivion as it desperately tried to
> sync keys infinitely.
Scenario 2a, until all keyservers are upgraded (even over a period of
years). Then just flip the switch to disable sync with old keyservers.
But I don't think no-modify makes sense anyway, like I said. Just an
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
No situation is so dire that panic cannot make it worse.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 878 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users