keyserver-options: self-sigs-only, import-clean, import-minimal
gnupg at raf.org
gnupg at raf.org
Wed Jul 3 04:35:30 CEST 2019
> On 2019-07-02 at 12:24 +0200, Werner Koch via Gnupg-users wrote:
> > > My opinion: make "keyserver-options import-clean" the default and
> > make it internally never import any unknown signatures.
> > Sorry, this is a catch-22. We need the key to verify the signature.
> I don't think so. You can have the signing key in the keyring, even if
> that one was imported with only its own self-sigs.
> Ultimately, I think the signatures should only be imported when they are
> cross-signed by the key owner.
> This would require a migration step were people signed the signatures
> they already have on their key, but would otherwise allow them to keep
> their 'precious signatures' they already have.
> Then there should probably be a new command that would have to be used
> to import the new signatures to your key that you are sent.
> It won't fix the problem of a malicious keys being made with thousands
> of fake signatures, but it pretty much solves the spamming problem by
> only putting the owner in charge of accepting the signatures that can go
> on his key.
Apologies in advance if this is a stupid comment (I don't know about gpg's
implementation or the precise reason why keys with many signatures is a
problem but I have read RJH's article). It sounds like SKS servers can
handle these poisoned keys but GPG can't. That suggests that maybe GPG's
keyring handling code could be changed so that poisoned keys no longer
constitute a DoS.
For example, if the problem is overuse of resources such as memory, could
the keyring handling code be rewritten to use fewer resources? e.g. treat
the keyring like a database where not all of it can fit in memory at the
same time. If that were possible, these other changes wouldn't be needed.
But perhaps it already does that and it's not enough.
On the other hand, if the problem is that GPG is validating all of those
signatures when importing a key, perhaps there could be a limit to how many
signatures GPG will verify. Does it really have to verify every single one?
Limiting the number that will be verified (or the amount of time spent
verifying them) might prevent this situation becoming a DoS while still
giving confidence that the key being imported has been signed by at least
some members of your WoT.
Again, apologies if I'm completely misunderstanding the issue. Perhaps the
problem isn't limited to importing. I'm just thinking that being able to
cope with garbage is more robust than trying to come up with ways to avoid
garbage especially when you know that garbage happens.
More information about the Gnupg-users