nicholas.cole at gmail.com
Thu Jan 1 13:01:02 CET 2015
On Thursday, 1 January 2015, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> > I’ve discussed this attack vector on the keyserver mailing list. The
> general consensus is that the attack that I’m concerned about is real, and
> would result in serious disruption to the global keyserver network for an
> extended period until we developed countermeasures — but those
> countermeasures would fundamentally transform the keyserver network and
> force us to radically redefine our expectations of service.
> Before people think I’m overreacting —
No. It is a realistic attack. Key servers might legitimately strip photo
ids if it were ever a problem, IMHO.
But in fact, a UID packet can contain arbitrary data anyway, can't it?
Isn't that just the same problem.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users