Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

From:	Hendrik Visage
Subject:	Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Date:	Sat, 14 Jul 2018 15:42:33 +0200

On 14 Jul 2018, at 13:04 , Gabor Kiss <address@hidden> wrote:

Then let's drop keys that don't contain a valid email address in the key id.

How do you propose to validate the email address?

(Hint: this is a surprisingly hard problem.)

See also "web of trust" and "strong set".
Addresses should/can be checked by humans worldwide who sign/certify the key.

I’ve been trying to get mine “signed” by Web-Of-Trust for years now… also not that “easy” ;(

---
Hendrik Visage

HeViS.Co Systems Pty Ltd
T/A Envisage Systems / Envisage Cloud Solutions
+27-84-612-5345 or +27-21-945-1192
address@hidden

signature.asc
Description: Message signed with OpenPGP

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, (continued)

Prev by Date: Re: [Sks-devel] withdrawal of service: sks.spodhuis.org
Next by Date: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Previous by thread: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Next by thread: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Index(es):
- Date
- Thread