keys require a user-id
Robert J. Hansen
rjh at sixdemonbag.org
Sat May 16 22:28:58 CEST 2020
> Have the bureaucrats who define standards finally fixed the DOS
> issues about keys spammed with signatures or is it still being
> "discussed whether they are even needed."?
GnuPG had a bug in the key importation code which made it run in time
proportional to the square of the number of signatures. Importing a
certificate with 100,000 signatures was literally a hundred million
times slower than importing a certificate with 10.

That bug has since been fixed. With judicious use of the various -clean
options, the key spamming bug is effectively dead... on the GnuPG side:
on the SKS side, people are still filling up SKS keyservers with spam.

SKS is a completely separate project from GnuPG, and has no RFC guiding
it. So the "bureaucratic" project has it resolved, and the "free to
innovate" project has been unable to innovate.

(Note: I'm not blaming SKS. This is a hard problem. I personally don't
think SKS can be saved.)