Which keyserver

Andrew Gallagher andrewg at andrewg.com
Sat Sep 19 21:38:22 CEST 2020

> On 19 Sep 2020, at 20:05, Stefan Claas <sac at 300baud.de> wrote:
> Well, there is IMHO a good replacement for SKS available, called
> hockeypuck and it is written in modern Golang.

This is beside the point. SKS is both a protocol and an implementation. Hockeypuck is a reimplementation of the same protocol and is so is vulnerable to the same poisoning issues. 

The problem with the SKS *protocol* is very hard to fix, because designing a universal, publicly writable datastore means solving a trilemma: censorship resistance, vandalism resistance, and decentralisation. SKS prioritises censorship resistance and decentralisation, and so is vulnerable to vandalism. Hagrid “solves” the vandalism problem by abandoning decentralisation. WKD steps outside the problem space by abandoning universality. All these are valid alternatives, but none can be called a “replacement”.


More information about the Gnupg-users mailing list