[Sks-devel] Cease of operation: *.gnupg.pub

[Franck Nijhof]

Hi there,

Via this message, I am announcing the cease of operations on the servers: 
*.gnupg.pub.

I have started this experiment some time ago and have enjoyed it pretty much 
and reached my goal; Getting my server in the pools most of the time,  by 
getting the highest possible score (without HA).

The time has also come to make some confessions. Those scores my server got, 
are not real. I have studied the code running the pools quite a bit and 
discovered quite a few flaws in it. Which I successfully exploited to get a 
higher ranking, resulting in my pretty low budget VPS to be in multiple pools 
almost all the time. I am not going to expose those flaws right here. 
Nevertheless, I do think it is pretty severe that this system is that easy to 
manipulate. Even worse; I did not even get into doing extreme things since that 
was not necessary at all.

With all due respect, the code running the SKS pools and website are in a 
pretty sad state. In my humble opinion the code should be made public on a 
decent open source platform (e.g., GitHub), refactored and exposed as much as 
possible in order to gain feedback and improvements from other developers. 
While doing that, add some decent CI/CD as, including some static code analysis 
tooling.

Don't worry; the data is not being exploited at all. Nor did peering with me 
had any effect on your services. That was never my intention of this little 
project.

Thank you for learning me so much from GPG and the inner working of the SKS 
pools that are so important to the GnuPG community and its users.

With kind regards,

Franck Nijhof

signature.asc
Description: Message signed with OpenPGP