keys require a user-id

Robert J. Hansen rjh at
Sat May 16 22:28:58 CEST 2020

> Have the bureaucrats who define standards have finally fixed the DOS
> issues about keys spammed with signatures or is it still being
> "discussed whether they are even needed."?

GnuPG had a bug in the key importation code which made it run in time
proportional to the square of the number of signatures.  Importing a
certificate with 100,000 signatures was literally a hundred million
times slower than importing a certificate with 10.

That bug has since been fixed.  With judicious use of the various -clean
options, the key spamming bug is effectively dead... on the GnuPG side:
on the SKS side, people are still filling up SKS keyservers with spam.

SKS is a completely separate project from GnuPG, and has no RFC guiding
it.  So the "bureaucratic" project has it resolved, and the "free to
innovate" project has been unable to innovate.

(Note: I'm not blaming SKS.  This is a hard problem.  I personally don't
think SKS can be saved.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 821 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list