SKS and GnuPG related issues and possible workarounds

Michał Górny mgorny at
Wed Jul 3 15:02:21 CEST 2019

On Wed, 2019-07-03 at 03:01 -0700, Mirimir via Gnupg-users wrote:
> On 07/02/2019 11:42 PM, Michał Górny wrote:
> > Then, they may decide to start mass poisoning other keys just to 
> > prove this is not the right solution.
> If what I propose is workable, attackers can poison as many keys as they
> like. Until SKS keyservers go down, anyway. Until then, if the system
> catches them quickly enough, they won't do widespread damage. They'll
> inconvenience some people, of course, but that seems unavoidable. And as
> an extra benefit, this would nuke file systems that store data in
> signatures.

I'm afraid you are underestimating those people.  The way I see it,
the number of poisoned OpenPGP keys will grow quick enough to remove all
valid keys from SKS keyservers, and render them practically useless.

Best regards,
Michał Górny

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Gnupg-users mailing list