Re: [Sks-devel] "quality" of keyservers offering hkps

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] "quality" of keyservers offering hkps

From:	Gabor Kiss
Subject:	Re: [Sks-devel] "quality" of keyservers offering hkps
Date:	Thu, 14 Aug 2014 06:15:38 +0200 (CEST)
User-agent:	Alpine 2.02 (DEB 1266 2009-07-14)

> In case of the last remaining 7 servers (= every 5th server) the test
> showed an exploit opportunity related to CVE-2014-0224 [4], which can
> be eliminated by simply updating the OpenSSL package on these systems.
> As I'm not that much deep in the topic I'm not sure about the impact
> of this issue on the security of hkps connections. Perhaps anyone can

_Every_ SSL encrypted traffic of these servers can be decoded by
an eavesdropper after silently eliciting the secret key.

> give an advise here. Could this be a threat and should be also checked
> before including servers to the hkps pool?

Definitely yes.

Gabor

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] "quality" of keyservers offering hkps, (continued)
- Re: [Sks-devel] "quality" of keyservers offering hkps, Gabor Kiss <=

Prev by Date: Re: [Sks-devel] "quality" of keyservers offering hkps
Next by Date: Re: [Sks-devel] "quality" of keyservers offering hkps
Previous by thread: Re: [Sks-devel] "quality" of keyservers offering hkps
Next by thread: [Sks-devel] Problem with SKS on Ubuntu
Index(es):
- Date
- Thread