SKS Keyserver Network Under Attack

Andrew Gallagher andrewg at
Thu Jul 4 09:19:10 CEST 2019

> On 4 Jul 2019, at 03:23, Ángel <angel at> wrote:
> A point I don't like about the design of hagrid is that verification is
> performed by the server itself.
> Thus, it seems that if there were a reconciliation protocol between
> them, either entering into one of them would lead to all of them blindly
> trusting it, or the owner would need to validate a challenge for each
> keyserver to which it gets replicated.

Exactly. This is why I believe we need to separate the functions of “master” keystores (such as hagrid, keybase, WKD) from “caching” keystores such as SKS. The master (but not authoritative) keystores would provide IDs and third party sigs, at the cost of having to perform verification (email in the case of email IDs and domain in the case of server IDs). The caching keystores would synchronise, but only the primary keys. They would then spider the master keystores for the rest of the key info. 

There is no reason for the master keystores to publicly certify keys - their verification process is an antispam measure, not an attestation of identity. But we can’t do away with verifying entirely, because there is no other known way to prevent flooding. 


More information about the Gnupg-users mailing list