Nicholas Cole nicholas.cole at
Thu Jan 1 13:01:02 CET 2015

On Thursday, 1 January 2015, Robert J. Hansen <rjh at> wrote:

> > I’ve discussed this attack vector on the keyserver mailing list.  The
> general consensus is that the attack that I’m concerned about is real, and
> would result in serious disruption to the global keyserver network for an
> extended period until we developed countermeasures — but those
> countermeasures would fundamentally transform the keyserver network and
> force us to radically redefine our expectations of service.
> Before people think I’m overreacting —

No. It is a realistic attack. Key servers might legitimately strip photo
ids if it were ever a problem, IMHO.

But in fact, a UID packet can contain arbitrary data anyway, can't it?
Isn't that just the same problem.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150101/9bc8c1bb/attachment.html>

More information about the Gnupg-users mailing list