[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org
|
From: |
Andrew Gallagher |
|
Subject: |
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org |
|
Date: |
Fri, 13 Jul 2018 19:53:01 +0100 |
Phil,
Sad but not surprised. Thanks for all your time and effort. It has been much
appreciated.
For myself, whippet.andrewg.com has been broken for several weeks now and I’m
not sure I have the heart to go to the effort of restoring it only for it to be
clobbered again. I am reluctant to declare defeat, but this calls for a
tactical retreat and regroup.
I am still willing to help with possible upgrades and/or replacements for the
SKS network. At this point I have come to believe that a minimal network
containing only key material, SBINDs and revocations (no id packets, no third
party sigs) is the absolute maximum functionality we can hope to sustain in the
long term. And for this to be bulletproof, all such material must be
cryptographically verified (otherwise people could just create “random” key
material containing arbitrary data).
Providing search by uid appears to be a lost cause. DNS, WKD and proprietary
services like keybase are probably the only way this can be done without
opening pandora’s box.
Andrew Gallagher
> On 13 Jul 2018, at 18:34, Phil Pennock <address@hidden> wrote:
>
> Folks, with immediate effect, I am withdrawing sks.spodhuis.org from
> service and it will not be returning in its current form.
>
> I am about to disable the DNS in spodhuis.org, while leaving the SKS
> service itself running, so that clients using pools will not be
> adversely impacted. I'll give it a few hours for pools to update and
> caches to expire, before turning off SKS itself.
>
> I have already disabled SKS recon.
>
> It's been an educational ride.
>
> I'm willing to fight jurisdictional overreach, but with Yet Another
> Attack Tool to abuse the resources which I provide out of my pocket,
> combined with large chunks of the traffic appearing to be to support
> operational incompetence by certain software publishers, I don't see
> that I'm successfully spending my money to good effect, supporting a
> community of users who care about verifiable integrity and some privacy.
>
> With the latest attack tool providing for generic filesystem storage
> such that attaching a file doesn't even require understanding how to use
> a user-attribute packet, the threat of KP upload has just increased by
> an order of magnitude. I'm not willing to be part of that.
>
> My key remains available at the URL in the OpenPGP: header of all my
> emails, and via finger: (for my name @ my domain). I'll explore WKD
> again, sometime later this year.
>
> Regards,
> -Phil, surrendering
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel
- [Sks-devel] withdrawal of service: sks.spodhuis.org, Phil Pennock, 2018/07/13
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org,
Andrew Gallagher <=
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Robert J. Hansen, 2018/07/13
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Moritz Wirth, 2018/07/13
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Andrew Gallagher, 2018/07/13
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Tom at FlowCrypt, 2018/07/13
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Moritz Wirth, 2018/07/14
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Human at FlowCrypt, 2018/07/14
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Human at FlowCrypt, 2018/07/14
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Human at FlowCrypt, 2018/07/14
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Daniel Roesler, 2018/07/14
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Haw Loeung, 2018/07/14