SKS Keyserver Network Under Attack
Erich Eckner
gnupg at eckner.net
Sun Jun 30 16:07:52 CEST 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sun, 30 Jun 2019, Andrew Gallagher wrote:
> On 2019/06/30 11:49, Mirimir via Gnupg-users wrote:
>> It would stop when certs can no longer be poisoned. And I don't see the
>> downside. I mean, what good does it do to have people downloading keys
>> that break their stuff?
>>
>> I don't see that as "doing the bad guys’ work for them". I see it as
>> preventing bad guys escalating from hurting a few people to doing
>> serious damage. That's not "punishing the victim".
>
> It prevents escalation, yes. But at the expense of exiling the targeted
> people from the network - which may well be the attacker's real intent.
>
> Any "solution" that turns a general problem into a problem for a small
> number of *specific individuals* is not a solution, it's a lynching. I'm
> sure those specific individuals will be thankful that they've been
> thrown under the bus for the greater good. I'm sure nobody else will be
> looking over their shoulder wondering whether they'll be next.
>
> We solve this issue for *everyone*, or we all go home.
>
> --
> Andrew Gallagher
>
>
Hi,
maybe I don't get the original idea - but I thought, it was to block
*uploads/updates* which would poisson a certificate - not to blackhole
them after they got poissoned?
cheers,
Erich
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAl0YwjkACgkQCu7JB1Xa
e1ozlA/+O7leg3qYlW1KO8+z1cE2IDe03CDUYX1PovzIpbxSiSYREEqbcJJkelqv
Bp1h8LZKUZuRNYIHD7NbFYMSUMaJTpI6S1p3stN214cK5vqY01x6ncEMvtpHJTGK
/87VtN+g+9qch59lCAZMjOrVtrgW0R5AqCsjIisPFAPyAHjNYF+EjQ5xQkYfVq35
ny4TJXjSBjCzFO8+OcUW5ThHGwIq5CL6CW5PFmPDtkzIdI/yPowq20BWHz/AGiSq
uxe32hKyJXNABe0Ow73NB4IOK8GrlGuUs2WAoMDKfQaBdNNguqgf8rSP52BLhtUT
wY1xI2f/6mpi7Ygrwqnw6kIHEvhFAVR5T3KobLERn7B9uiXlBAp+PVIc/QDuPFG5
dVMgBacuGdXXM+dpjGKYbDVi1WYVr5JyqeJwNOiC/0fyNgO69HQGmSPPsFFauo9s
i2pbVO/cv9X/aF9KLCcBbMP/nKHokLnShU3xAoIinFdGHN68iFVCPGlQhLwGlpMN
0Xq52TVjlpwt8OtEak0GIPhdyXQQkLrZnsDc2sB6s99u8R0L78KFoWAorvTDP9Hb
o8+rz93AZxiObn9q2iTKYve0tWLuvTUTiTmgd42I2qFLNIfGLQCBtkqpcgBje4AK
S6mrCP8AMrdhO3bOU1bdarN4FEonV6DUHAk8aMiqbwp1quAyHaw=
=+Lsx
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list