[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] nokeyserver annotation
From: |
Kristian Fiskerstrand |
Subject: |
Re: [Sks-devel] nokeyserver annotation |
Date: |
Tue, 20 Dec 2016 19:25:47 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 |
On 12/20/2016 07:18 PM, Vincent Breitmoser wrote:
>> - to do this keyservers will have to actually do cryptography
> Are you sure? I don't think there's any attack scenario here: If any
> such signature exists, you can't upload the key. It's impossible to
> attach those to another person's key, and that's the only attack
> scenario I can see.
>
Without verifying the signature this opens up for a DoS on users
expecting to distribute the keys, e.g in case of a revocation certificate.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Divide et impera
Divide and govern
signature.asc
Description: OpenPGP digital signature
Re: [Sks-devel] nokeyserver annotation, Kiss Gabor (Bitman), 2016/12/20
Re: [Sks-devel] nokeyserver annotation, Daniel Kahn Gillmor, 2016/12/20