SKS Keyserver Network Under Attack

Robert J. Hansen rjh at sixdemonbag.org
Sun Jun 30 12:10:07 CEST 2019


> Because a) it’s enumerating badness [1] but more importantly b) it’s
> punishing the victim. Protecting the ecosystem by banning RJH and DKG’s
> keys from the keyservers entirely is doing the bad guys’ work for them.

There's an important c):

c) what happens when they go after more certificates?

If you're willing to blackhole two certs, great.  Where does it stop?
How many certs can the strong set stand to lose?



More information about the Gnupg-users mailing list