Re: [Sks-devel] Keyserver flooding attack: mitigation straw-man

[Bjarni Runar Einarsson]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Yegor Timoshenko <address@hidden> wrote:
> Bjarni, thanks for creating the MUA I'm using to write this
> message!

Hah, you're welcome. :-)

> That said, it won't stop any attacker with computing power
> comparable to that of PocketBeagle from destroying the whole
> SKS network (disabling everyone who peers, that is), because

This is correct, however ...

> TLDR: This is an improvement, but it won't stop any malicious
> attacker (i.e. anyone who wants to take down SKS, either by
> flooding or poisoning all keys or by abusing denial-of-service
> issues in gossip protocol).

I think this depends on the motivations of the attacker - which
we can in this case venture guesses about, given the contents and
context of the vandalism.

Adding an official way for the SKS network to at least partially
respect the wishes of key owners who want to remove their names
or e-mails. or otherwise have some control over how their key is
presented, may actually eliminate the motivation to burn it all
to the ground.

Wanting this myself is part of what motivated me to post the
straw-man at all; I think this would be a generally useful
addition. If not the letter, it is at least closer to the spirit
of things like the GDPR and related, valid concerns people have
raised repeatedly.

Thanks for the thoughtful response!
 - Bjarni

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEETBSz4pzXkOHlSFMhjgA3FgDPlJEFAl0j3RkACgkQjgA3FgDP
lJFp4Af+MUo8uTkbhkP+n+zULxCslFvDiwZ4NKh0QG0uTVjLH9VNJSLpIFQiKAMp
s6g1HfX74PDc4G8aPRvdea0O50ZINHgBi+8tHIusrlEsyz3yv69RZF+83S7NfeTH
SjkvMhBP/BcnNZ5QYPNko1ho9qQm/rbmIdmaFpnC2hok4jwfGBbokhg5pVsrJhns
A09RRC7+ZAQnAUaT8Qdor8jRy9wQhO3qGg5RZMBbMrJsMsQSdk/bei+8PhGeCeqK
SmhZ1jJ8wNlvnlEzN7q1chXkB5WxSDRyGcGWij+nl0x1gFNAXaSJpZIiVUWhKSsO
noHOkoX3UVNLufWOgMiCYww7kpsjig==
=gL4t
-----END PGP SIGNATURE-----