SKS Keyserver Network Under Attack

Andrew Gallagher andrewg at andrewg.com
Sun Jun 30 16:00:21 CEST 2019


On 2019/06/30 11:49, Mirimir via Gnupg-users wrote:
> It would stop when certs can no longer be poisoned. And I don't see the
> downside. I mean, what good does it do to have people downloading keys
> that break their stuff?
> 
> I don't see that as "doing the bad guys’ work for them". I see it as
> preventing bad guys escalating from hurting a few people to doing
> serious damage. That's not "punishing the victim".

It prevents escalation, yes. But at the expense of exiling the targeted
people from the network - which may well be the attacker's real intent.

Any "solution" that turns a general problem into a problem for a small
number of *specific individuals* is not a solution, it's a lynching. I'm
sure those specific individuals will be thankful that they've been
thrown under the bus for the greater good. I'm sure nobody else will be
looking over their shoulder wondering whether they'll be next.

We solve this issue for *everyone*, or we all go home.

-- 
Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190630/6da748bf/attachment-0001.sig>


More information about the Gnupg-users mailing list