SKS Keyserver Network Under Attack

Peter Lebbing peter at digitalbrains.com
Mon Jul 1 12:44:38 CEST 2019


On 01/07/2019 11:54, Robert J. Hansen wrote:
> [...]

I think this mail sums up the most important points about this whole
ordeal very well. I completely, wholeheartedly agree. I encourage
everyone to re-read it and internalise it.

The only point not touched upon in this specific mail, I think, is why
people who say that the damage that has been done is not of consequence
are wrong.

It seems to me that rjh's and dkg's keys will be in many public keyrings
and in many (key) signature chains, and thus have the potential to cause
major problems for many people all around the world when they refresh
their keys. I'd say the consequences of poisoning precisely these
well-connected keys are pretty major. People who depend upon OpenPGP
will find their software is hung and timing out, even when they're not
trying to do anything with these specific public keys: often it's enough
that the poison is on the keyring, as far as I can tell. Lacking the
knowledge to fix this, they will no longer be able to check signatures,
and probably be unable to read encrypted messages altogether.

For me, that'd be a nuisance.

For some people, it may have very large real-life consequences.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


More information about the Gnupg-users mailing list