Remove public key from keyserver

Stefan Claas stefan.claas at posteo.de
Tue Jan 16 10:43:27 CET 2018


Am 16.01.2018 um 10:18 schrieb Werner Koch:

> On Tue, 16 Jan 2018 09:46, stefan.claas at posteo.de said:
>
>> and add some funny things to "your" public key. This would be
>> also interesting to see how many signatures a public key can bear.
> You may look at my key to see funny things and thousands of key
> signatures from made up users.  They print a messges if viewed in a
> keyserver listing.
>
> Right, these key signatures allow for a DoS and eventually we should do
> something about them.  As of now I resort to
>
> import-filter drop-sig=   sig_created_d=2015-12-24
> import-filter drop-sig=|| sig_created_d=2016-03-16
> import-filter drop-sig=|| sig_created_d=2016-03-19
> import-filter drop-sig=|| sig_created_d=2016-03-20
>
> to keep my _local_ copy of the key at a reasonable size.
I have read also once on Wikipedia about that a DoS is possible,
but the Wiki Artikel gives no figures on how much Signatures are
needed to carry out such an attack.

And what would be your proposal to eventually circumwent this?

Regards
Stefan



More information about the Gnupg-users mailing list