[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Broken keyservers (413 Request Entity Too Large)
From: |
David Benfell |
Subject: |
Re: [Sks-devel] Broken keyservers (413 Request Entity Too Large) |
Date: |
Thu, 4 Sep 2014 13:26:56 -0700 |
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Thu, Sep 04, 2014 at 10:13:22PM +0200, Kim Minh Kaplan wrote:
>
> Obviously Arnold is not referring to the cryptographic key size but to
> the complete OpenPGP key size, the whole shebang. 0xd49ae731 has many
> uids each signed with loads of signatures. It is close to one million
> bytes in its armored form.
>
> Still I do not see how limiting the size of a single key would protect
> the SKS key servers from a DOS. To an attacker uploading many huge
> keys has about the same difficulty as uploading many many big keys.
Even worse, then. I don't see this use as an abuse, but as legitimate.
We should be able to accommodate it, even if it is an outlier.
--
David Benfell <address@hidden>
See https://parts-unknown.org/node/2 if you don't understand the
attachment.
pgplC6XmsA6_M.pgp
Description: PGP signature