SKS Keyserver Network Under Attack

Ryan McGinnis ryan at digicana.com
Sun Jun 30 15:17:05 CEST 2019


I guess that’s one way to look at it, but if your end users are dissidents and journalists communicating in happy fun places or developers signing critical software, then surely you’d want the product to be resilient against 10 year old trivial attacks from your users’ adversaries.  I do understand the “with what resources” argument; I imagine there is no way of getting around that.  But if that is the end response to stuff like this then it seems more an argument that people should not be using this software system for important, serious applications.  For the secure communications functionality I suspect this has been the target end users’ perception for quite some time, and a whole slew of arguably better secure communications systems have risen to fill that need - but GPG is still used heavily in signing important files.

-Ryan McGinnis
http://bigstormpicture.com
PGP: 486ED7AD
Sent with ProtonMail Secure Email

On Sun, Jun 30, 2019 at 07:44, Robert J. Hansen <rjh at sixdemonbag.org> wrote:

>> What would have prevented a state level actor from activating this
>> exploit on a wide level during a time when it would have been most
>> effective for them?
>
> A nation-state with a professional intelligence service probably isn't
> very interested in taking down the keyserver network. Why should they
> take down something that's not a big priority for them, especially if
> it'll cost them a lot of international goodwill if it gets attributed to
> them?
>
> This has all the hallmarks of a child playing with matches and clapping
> with glee as the house catches fire.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190630/cc01770d/attachment.html>


More information about the Gnupg-users mailing list