Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

From:	Jeremy T. Bouse
Subject:	Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Date:	Sat, 14 Jul 2018 10:38:31 -0400
User-agent:	Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 7/14/2018 9:42 AM, Hendrik Visage wrote:

On 14 Jul 2018, at 13:04 , Gabor Kiss <address@hidden> wrote:

Then let's drop keys that don't contain a valid email address in the key id.

How do you propose to validate the email address?

(Hint: this is a surprisingly hard problem.)

See also "web of trust" and "strong set".
Addresses should/can be checked by humans worldwide who sign/certify the key.

I’ve been trying to get mine “signed” by Web-Of-Trust for years now… also not that “easy” ;(

Find a local Debian Developer... Most of the Debian Developers are part of the strong set and they're all over the globe.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, (continued)

Prev by Date: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Next by Date: Re: [Sks-devel] withdrawal of service: sks.spodhuis.org
Previous by thread: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Next by thread: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Index(es):
- Date
- Thread