Garbled data in keyservers

Werner Koch wk at gnupg.org
Wed Dec 5 13:28:50 CET 2018


On Wed,  5 Dec 2018 10:31, cod at cod-web.net said:

> On pool.sks-keyservers.net everything works well while on other
> keyservers I get 47Mb of garbled data from Yegor Timoshenko key, which I
> never signed and I don't know exactly why it's included in search

There are several problems with the keyservers due to their policy of
being a plain data store.  Actually this policy is a Good Thing because
it allows syncing with other servers and there is no need for a central
authority.

The problem is that the keyservers are abused as a data store and, worse,
as a public search engine for such data.  The latter point can be
mitigated by not having a web interface which displays everything.

Restricting user-ids and such does not help because there are other ways
to store arbitrary data in an OpenPGP keyblock.  Even keyservers which
would check the signatures won't help because key signatures can be
made using an arbitrary amount of new keys.

A better way of using keyservers would be to entirely disable their search
by name or mail address capabilities.  Not only in the web interface but
also in their API.  Of course that will be a radical change but I
consider it better for security: Too many users assume that the
keyservers return a correct key; which they don't.  In fact there is no
way to get a key for a given mail address from a web server.  It used to
work just out of luck and because all keyserver users used to be fair
netizens.

The keyserver would then be used for getting the keys to verify a
signature (because the lookup is by fingerprint) and to distribute
revocations.  That is still a useful thing to have.  Further the
keyservers should stop accepting key signatures; for Web of Trust things
signed keys should be mailed directly instead (caff already does that).

FWIW, I have the problem of a garbled key for quite some time which I
can fix for me using things like

import-filter drop-sig=   sig_created_d=2015-12-24
import-filter drop-sig=|| sig_created_d=2016-03-16

in my gpg.conf.  But that is just a stopgap.


Shalom-Salam,

   Werner



-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181205/0bd9af32/attachment.sig>
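As an added example (not part of Werner's message or of GnuPG's own documentation), the following gpg.conf fragment puts the two stopgap import-filter lines from the message next to options that implement the stance the message argues for: locate keys for a mail address only via WKD rather than keyserver search, fetch from keyservers only by fingerprint, and discard third-party certifications before they reach the keyring. It assumes a GnuPG 2.2 release recent enough to understand `self-sigs-only`; the filter dates are the ones quoted in the message, not values chosen here.

```conf
# Added example gpg.conf fragment, not from the original message.
# Assumption: GnuPG 2.2 with support for the "self-sigs-only" option.

# Resolve mail addresses through the domain's Web Key Directory (and the
# local keyring), never by asking a keyserver to search by name or address.
auto-key-locate local,wkd

# When a keyserver is consulted (by fingerprint, e.g. to verify a signature
# or pick up a revocation), keep only the key's own signatures and strip
# anything unusable.  Certifications appended by arbitrary third-party keys
# are discarded before import, which is what bloats a flooded key.
keyserver-options self-sigs-only,import-clean

# Apply the same cleanup to keys imported from files or mail attachments
# (Web of Trust signatures mailed directly are re-imported deliberately).
import-options self-sigs-only,import-clean

# Stopgap from the message: drop signatures created on two specific days.
# A following line beginning with "||" continues the same filter expression.
import-filter drop-sig=   sig_created_d=2015-12-24
import-filter drop-sig=|| sig_created_d=2016-03-16
```

With this in place, `gpg --import-options show-only --import key.asc` shows what would survive the filters without touching the keyring, which is a convenient way to confirm that a flooded keyblock shrinks to its self-signatures before importing it for real.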