FAQ: seeking consensus

Johan Wevers johanw at vulcan.xs4all.nl
Thu Oct 17 21:28:44 CEST 2019


On 17-10-2019 21:18, Robert J. Hansen wrote:

> 1.  How should we handle the SKS keyserver attacks?
> 
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade.  We should recommend people use other methods
> than SKS."  If you think this is correct, please let me know what you
> think the alternate method should be.
> 
> Another says, "with a recent GnuPG release SKS may be used productively
> and we should keep the current advice."

I'd say split it: if there are reasons to use gpg 1.4 for compatibility
or other reasons, don't use sks. If you're using gpg 2.2.17 or newer,
you can use it. The people who knowingly use 1.4 will know they're in
that category.

> "Your existing RSA-2048 keys are fine, you don't need to take any action"

Yet. Please look again in 5 years (estimate is till 2030 but some
unexpected attack might appear).

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




More information about the Gnupg-users mailing list