[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
|
From: |
Kiss Gabor (Bitman) |
|
Subject: |
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS |
|
Date: |
Sat, 14 Jul 2018 07:07:55 +0200 (CEST) |
|
User-agent: |
Alpine 2.11 (DEB 23 2013-08-11) |
On Fri, 13 Jul 2018, Ryan Hunt wrote:
> Sooner or later you guys need
> start looking forward, if mistakes were made in the past ignoring them is not
> going to solve anything.
> Ignore the users, your the sysops.. Either SKS will die, or the entire thing
> is going to have to be scrapped and redesigned with something that can permit
> removal of keys, or drop all support for images and start validating key
> holders.. none are ideal, but one is pretty clearly better than the others to
> me.
My 2 cents.
The current infrastructure must be wiped out. It is a dead duck.
In the new era key owners have to proof their identity. Practically
speaking key servers accept only keys belonging to the strong set.
(At least in first step.)
Moreover key owners must add an UID with this text:
"I want this key to be provided by public databases.
I understand and I agree that it cannot be deleted any more."
And yes. Key servers have to do cryptographic operations.
Later, when we find a sophisticated algorithm, key deletion could be
triggered by adding another properly signed UID:
"I want this key to be deleted from public databases.
Thanks guys for your efforts. :-)"
Regards
Gabor
- [Sks-devel] heads-up: another attack tool, using SKS as FS, Phil Pennock, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Matthew Walster, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tobias Frei, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tom at FlowCrypt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS,
Kiss Gabor (Bitman) <=
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tom at FlowCrypt, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Andrew Gallagher, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Andrew Gallagher, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Human at FlowCrypt, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Gabor Kiss, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Hendrik Visage, 2018/07/14