Robert J. Hansen rjh at
Thu Jan 1 03:58:59 CET 2015

> I’ve discussed this attack vector on the keyserver mailing list.  The general consensus is that the attack that I’m concerned about is real, and would result in serious disruption to the global keyserver network for an extended period until we developed countermeasures — but those countermeasures would fundamentally transform the keyserver network and force us to radically redefine our expectations of service.

Before people think I’m overreacting —

A few years ago we lost an Austrian keyserver to, of all things, EU data privacy laws.  Think about the irony of that: a tool meant to help safeguard individual privacy got shut down by a single individual who invoked EU data privacy laws to get rid of a tool that helps data privacy.

A user uploaded their certificate to a keyserver, and that certificate soon propagated around the net.  The user then decided they didn’t want their email address published like that, and invoked a right under EU law to require the keyserver operator to delete his email address.  The keyserver operator was unable to do this due to the way the keyserver network works — if he’d complied, the certificate just would have resynced a minute later.  The only way to support this EU data privacy provision was to allow the global network to drop certificates, and the global network has as a design goal that certificates *cannot* be dropped, in order to protect the integrity of the database against deliberate attack.

The keyserver operator received legal advice saying that continuing to operate his keyserver exposed him to significant legal risk.  So, without any real other alternatives, he did the only thing he could under the EU data privacy law and took his keyserver offline.

It is cheap and easy to take down any keyserver in the EU; just do what this user did.

The keyserver network is an important part of the OpenPGP ecosystem, and it’s nowhere near as robust as we like to imagine.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3634 bytes
Desc: not available
URL: </pipermail/attachments/20141231/0fe3e80e/attachment.bin>

More information about the Gnupg-users mailing list