Tor and keyservers

Lachlan Gunn lachlan at
Wed Feb 24 21:41:19 CET 2016

> I haven't looked at the links yet, but what is your purpose? Do you want
> to detect rogue keyservers in the keyserver network, or perhaps attacks
> on keyservers?

Essentially I'm looking to see if it's possible to make a secure
directory service, for some definition of secure, even against
persistent attackers.

> There is no need to trust keyservers in the Web of Trust, or even in
> TOFU (as I assume in the latter you got a signed message from the other
> to start things off, and the wrong key would not verify the message).
> Still, it could be interesting to see if the keyserver network is
> somehow messed with, I suppose.

The idea is to see whether we can make something with security between
the WoT and "download a random key and see what happens" that doesn't
require user intervention.  Whether this would be too burdensome remains
to be seen.

Essentially, if you look up your email address regularly on the major
keyservers, you can see whether people emailing you out of the blue will
get the right key.  But whoever is controlling it could send you the
true key and a fake one to everyone else.  This is a way to overcome that.

If you use e.g. Signal, you can encrypt from the first message; I want
to see if that kind of user experience is possible with email, despite
the lack of what I guess you might term biometric authentication.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160224/e578a5f3/attachment.sig>

More information about the Gnupg-users mailing list