SKS Keyserver Network Under Attack
mirimir at riseup.net
Mon Jul 1 04:18:57 CEST 2019
On 06/30/2019 08:33 AM, Peter Lebbing wrote:
>> "Look, this one guy who just got mugged? [...]
> I had to read it twice to distill what I think Mirimir meant, but I
> think they meant that if you blacklist/blackhole all affected
> certificates, you remove the incentive for the attackers to poison more
> certificates since the poison can't spread to the people fetching keys.
> Thus stopping the attackers.
Thanks. That's almost right. But I'm not focusing on incentives. I'm
focusing only on impacts. Because as I understand it, you can't stop
people from poisoning certificates on the SKS keyservers.
> I concluded that Mirimir perhaps forgot about that this creates a second
> attack model, where you can block keys from being on the keyserver. This
> seems like a new problem that means this stopgap measure is probably not
> the one we want, since it still provides the incentive for attackers to
> poison keys.
I didn't forget about that. I just don't think that it matters. Unless
I've misunderstood the situation, the SKS keyservers are dead meat. And
have been dead meat for a decade.
So the focus has gotta be on a secure and capable replacement. And
meanwhile, on mitigating damage done through the SKS keyservers.
More information about the Gnupg-users