SKS Keyserver Network Under Attack

Werner Koch wk at gnupg.org
Tue Jul 2 15:28:24 CEST 2019


On Tue,  2 Jul 2019 13:47, look at my.amazin.horse said:

> Huh, that's interesting. I was not aware of this issue, and wish you had reached
> out to me, or to support at keys.openpgp.org, or filed an issue on Hagrid.

I assumed that newly launched server software with the goal to take over
all existing keyservers has been properly tested on the major desktop
platform.

We track the case as https://dev.gnupg.org/T4597

> This BSI requirement was not known to me. While it would be preferable
> to stick

It is not a requirement but it is what has been evaluated.  Changing
anything crypto related requires discussion on whether this will affect
the approval.  It won't be a problem for GnuPG 2.3 because a lot of
things will change there anyway and a re-evaluation will be required.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190702/01cd9944/attachment.sig>


More information about the Gnupg-users mailing list