FAQ: seeking consensus

Stefan Claas sac at 300baud.de
Fri Oct 18 09:19:05 CEST 2019

Robert J. Hansen wrote:

> 1.  How should we handle the SKS keyserver attacks?

I would list in the FAQ the kind of attacks possible,
to educate users, before they choose one for uploading
their key.

> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade.  We should recommend people use other methods
> than SKS."  If you think this is correct, please let me know what you
> think the alternate method should be.
> Another says, "with a recent GnuPG release SKS may be used productively
> and we should keep the current advice."
> Is there another solution I'm overlooking?  Please don't think I'm
> limiting the discussion to just those two.  If you've got a third way
> (or a fourth, or a fifth) I'd love to hear them.

It would be nice if you can add to the keyserver list also the
mailvelope.com keyserver, because it requires users to authenticate
their keys against the keyserver with an received encrypted email
and it also allows keeping third party signatures, compared to



box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
  certified OpenPGP key blocks available on keybase.io/stefan_claas

More information about the Gnupg-users mailing list