FAQ: seeking consensus

Teemu Likonen tlikonen at iki.fi
Fri Oct 18 07:12:39 CEST 2019

Robert J. Hansen [2019-10-17T15:18:07-04] wrote:

> 1.  How should we handle the SKS keyserver attacks?
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade.  We should recommend people use other methods
> than SKS."  If you think this is correct, please let me know what you
> think the alternate method should be.
> Another says, "with a recent GnuPG release SKS may be used productively
> and we should keep the current advice."
> Is there another solution I'm overlooking?  Please don't think I'm
> limiting the discussion to just those two.  If you've got a third way
> (or a fourth, or a fifth) I'd love to hear them.

I think the FAQ should briefly discuss the attack and weaknesses of SKS
keyservers. The FAQ could then say that with GnuPG version <something>
user is quite safe. Then mention that there is also alternative,
keys.openpgp.org, with different features.

///  OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
//  https://keys.openpgp.org/search?q=tlikonen@iki.fi
/  https://keybase.io/tlikonen  https://github.com/tlikonen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 694 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191018/b3c753ba/attachment.sig>

More information about the Gnupg-users mailing list