FAQ: seeking consensus
sac at 300baud.de
Fri Oct 18 09:19:05 CEST 2019
Robert J. Hansen wrote:
> 1. How should we handle the SKS keyserver attacks?
I would list in the FAQ the kind of attacks possible,
to educate users, before they choose one for uploading
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade. We should recommend people use other methods
> than SKS." If you think this is correct, please let me know what you
> think the alternate method should be.
> Another says, "with a recent GnuPG release SKS may be used productively
> and we should keep the current advice."
> Is there another solution I'm overlooking? Please don't think I'm
> limiting the discussion to just those two. If you've got a third way
> (or a fourth, or a fifth) I'd love to hear them.
It would be nice if you can add to the keyserver list also the
mailvelope.com keyserver, because it requires users to authenticate
their keys against the keyserver with an received encrypted email
and it also allows keeping third party signatures, compared to
certified OpenPGP key blocks available on keybase.io/stefan_claas
More information about the Gnupg-users