SKS Keyserver Network Under Attack
wiktor at metacode.biz
Tue Jul 2 10:01:25 CEST 2019
On 02.07.2019 00:43, Alyssa Ross wrote:
> The impression I got was that they're very optimistic about their
> ability to handle traffic to their server -- they were happy to have a
> distro make the switch, and will be changing the defaults in Enigmail
> and OpenKeychain very soon, as I understand it.
I did work on one scheme that uses OpenPGP and I did some extensive
tests even before keys.openpgp.org was announced and in terms of
reliability it's day vs night compared to SKS.
Hagrid, as far as understand it, serves keys from static files so it by
design has good performance. SKS on the other hand requires caches in
front of the server and, in my tests, it was frequent that an old
version persisted in the cache long after I updated a key.
No such issues on keys.openpgp.org, gpg --send-key and the new updated
key is immediately available with no time outs or delays.
> It is a real shame that a decentralized Hagrid isn't really possible,
> though, at least to my understanding. It's quite the limitation for
Decentralized non-identity information hagrid could still be possible.
It's just a question over which protocol to synchronize this kind of data.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 919 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users