SKS Keyserver Network Under Attack
Stefan Claas
sac at 300baud.de
Sun Jun 30 11:24:08 CEST 2019
Andrew Gallagher wrote:
>
> > On 30 Jun 2019, at 09:19, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> >
> > The next version of Enigmail will no longer use the SKS network by
> > default. Great! But what about existing Enigmail users? They'll see a
> > signature, click "Import Key", and ... bam. They're likely not going to
> > think that someone's performing a malicious attack by poisoning
> > certificates: they're going to think "this is crap" and walk away.
>
> Thankfully there is a practical - if drastic - solution for all OpenPGP users
> everywhere. Point pool.sks-keyservers.net (and its various aliases) somewhere
> else. The question is where to and how soon.
Can someone please explain to me why the GnuPG flag for key servers --no-modify
is in GnuPG and why the authors of key server software did not implemented this
feature?
Regards
Stefan
More information about the Gnupg-users
mailing list