[Keyserver] Hockeypuck 2.1.0 released
Casey Marshall
casey.marshall at gmail.com
Thu Dec 10 18:07:00 CET 2020
I've released Hockeypuck 2.1.0
<https://github.com/hockeypuck/hockeypuck/releases/tag/2.1.0> [0], which
contains several new features that may be useful to mitigate
spamming/flooding/DoS [1] attacks on GnuPG and keyservers. See the release
link for details, but here's the highlights:
- Configurable key length and packet size limits, with sensible defaults
to limit keyserver resource consumption (1MB and 8K respectively).
- Configurable blacklist of primary key fingerprints.
- Authenticated key management. This adds a couple of extra endpoints
which allow a key owner to replace and delete their key, authenticated by
signing the armored key in the request. This allows a key owner to still
update their own key once it has been inflated beyond the key length limit.
Blacklists and auth key management may also be of interest to keyserver
operators subject to GDPR-related requests.
-Casey
[0] https://github.com/hockeypuck/hockeypuck/releases/tag/2.1.0
[1] https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201210/47070eb6/attachment.html>
More information about the Gnupg-users
mailing list