sks-devel

Re: [Sks-devel] Big amount of updated keys yesterday?


From: Daniel Kahn Gillmor
Subject: Re: [Sks-devel] Big amount of updated keys yesterday?
Date: Wed, 13 Apr 2011 12:17:11 -0400
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110402 Icedove/3.1.9

On 04/13/2011 07:15 AM, Jeff Johnson wrote:
> Is there really a problem here?
> 
> An update of 5000-1000 keys over 2-3 hours isn't wildly out of line
> with the statistics I've seen.
> 
> Key servers come and go, and when there's a disconnection of some sort,
> then there can be a burst of activity when the disconnection repairs itself.

yes, i agree with this.  I'm curious about thinking through the
implications of bursty gossip, though, so we can all better-understand
the nature of this collaborative project we're engaged in.

Aside from the performance issues people have identified, i don't think
that a burst like this is *necessarily* problematic.

But consider: if there was a sustained huge injection of garbage into
the keyserver network, it would be good to have some way to figure out
where it was initially coming from (a malicious attacker could always
use a distributed injection to foil this kind of analysis, of course).

I wouldn't be surprised if the recent burst was related to Jonathon
Weiss' recent work getting pgp.mit.edu to sync again.

> Sure it's an interesting challenge to try and find a "smoking gun".

Thinking through what sort of analysis is actually possible (and
optionally, what additional log info we might want for forensics like
this) is a useful exercise, i think.

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature

