Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c cont

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c cont

From:	Gabor Kiss
Subject:	Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?
Date:	Sun, 27 May 2012 12:53:09 +0200 (CEST)
User-agent:	Alpine 2.00 (DEB 1167 2008-08-23)

> The keyservers never, never, never lose certificates.  That's a design
> goal and one that the SKS maintainers believe is a good one.  I agree
> with them, and want to see this design goal maintained in all future
> development.

Some of us worries about DOS and installs HTTP proxy quickly.
However a malicious attacker (working for XXXXX government that hates
PGP) can more easily down the _whole_ SKS pool:
it is enough to inject 50 millions of fake keys.

I think there should be a mechanism to purge unnecessary keys.
However I don't believe in expiry or other automatic ways.

My idea: there shoud be five wise and trusted peoples -- i.e.
a committee. Each of them would have a special revoking key.
If four of five signes a key in the database it should be deleted
and never accepted again.

Gabor
-- 
E-mail = m-mail * c-mail ^ 2

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/25
- Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Gabor Kiss, 2012/05/26
  - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Kristian Fiskerstrand, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Giovanni Mascellani, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Kristian Fiskerstrand, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jens Leinenbach, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Robert J. Hansen, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Gabor Kiss <=
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Robert J. Hansen, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Gabor Kiss, 2012/05/28
    - [Sks-devel] Keys over NNTP, Kiss Gabor (Bitman), 2012/05/28
    - Re: [Sks-devel] Keys over NNTP, Phil Pennock, 2012/05/28
    - Re: [Sks-devel] Keys over NNTP, David Shaw, 2012/05/28
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, John Marshall, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, David Benfell, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/27
    - Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?, Jeffrey Johnson, 2012/05/27

Prev by Date: Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?
Next by Date: Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?
Previous by thread: Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?
Next by thread: Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?
Index(es):
- Date
- Thread