Re: [Sks-devel] Oh, Jeeez...!


From: Ari Trachtenberg
Subject: Re: [Sks-devel] Oh, Jeeez...!
Date: Fri, 27 May 2016 10:20:51 -0400

Is there a common element to the bulk signatures that are being added?
Can we, maybe, rate limit submissions per IP address?

Alternatively, the sync can be stopped after a prescribed number of
differences have been identified ... this will have the effect of
slowing new key updates over time. The POW can be added as an optional
priority flag so that POW-supported keys will be synced before
non-POW-supported keys ... this can be as simple as appending low-order
bits to the keys.

best,
        -Ari


> On May 27, 2016, at 8:34 AM, Kristian Fiskerstrand <address@hidden> wrote:
> 
> On 05/27/2016 02:10 PM, Samir Nassar wrote:
>> On 05/24/2016 06:33 AM, Kiss Gabor (Bitman) wrote:
>>> Have you remembered I'm continuously worrying about
>>> trolls pumping 10-20 millions of dummy keys into key servers?
>>> It is started...
>> 
>> Is there a technical reason why a keyserver like SKS can't remain
>> append-only but require that all submitted keys be submitted via
>> PGP-signed request of the key-owner?
>> 
>> Wouldn't this help mitigate this kind of griefing?
>> 
> 
> No
> 
> * For one thing, keyservers don't verify signatures / do cryptographic
> operations at all, but leaving that aside.
> 
> * You can anyways just generate a new key with the data you want added,
> which would validate the signature requirement
> 
> * You would introduce a system where you trust the keyserver first
> receiving the change if you accept data transfer through gossip
> afterwards, breaking fundamental principles of distributed approach.
> 
> 
> --
> ----------------------------
> Kristian Fiskerstrand
> Blog: https://blog.sumptuouscapital.com
> Twitter: @krifisk
> ----------------------------
> Public OpenPGP certificate at hkp://pool.sks-keyservers.net
> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
> ----------------------------
> "If you choose to sail upon the seas of banking, build your bank as you
> would your boat, with the strength to sail safely through any storm."
> (Jacob Safra (1891–1963))

—
Prof. Ari Trachtenberg
Electrical and Computer Engineering
Boston University
address@hidden





Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail
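
The capped, POW-prioritised sync round proposed in the message above, as an added sketch that is not part of the original thread and not SKS code. It assumes a hashcash-style proof of work (a nonce appended to the key material so that the SHA-256 digest has a set number of leading zero bits); `DIFFICULTY_BITS`, the function names and the sample keys are hypothetical.

```python
import hashlib
from itertools import count

DIFFICULTY_BITS = 12   # assumed work factor, kept low so the demo runs instantly

def pow_bits(key_blob: bytes, nonce: int) -> int:
    """Leading zero bits of SHA-256(key material || 8-byte nonce)."""
    digest = hashlib.sha256(key_blob + nonce.to_bytes(8, "big")).digest()
    return 256 - int.from_bytes(digest, "big").bit_length()

def mint(key_blob: bytes, bits: int = DIFFICULTY_BITS) -> int:
    """Submitter side: search for a nonce that meets the work factor."""
    return next(n for n in count() if pow_bits(key_blob, n) >= bits)

def has_pow(key_blob: bytes, nonce, bits: int = DIFFICULTY_BITS) -> bool:
    """Server side: one hash checks the claim; a missing or bad nonce earns no priority."""
    return nonce is not None and pow_bits(key_blob, nonce) >= bits

def select_batch(differences, cap, bits=DIFFICULTY_BITS):
    """Pick at most `cap` differences for this sync round, POW-backed first.

    `differences` is a list of (key_blob, nonce_or_None) in arrival order.
    sorted() is stable, so arrival order is preserved within each class.
    Returns (to_sync, deferred); deferred items wait for a later round.
    """
    ranked = sorted(differences, key=lambda d: not has_pow(d[0], d[1], bits))
    return ranked[:cap], ranked[cap:]

def constructed_demo(cap: int = 3):
    """Constructed input: five bulk keys without POW, then two with POW."""
    bulk = [(b"dummy-key-%d" % i, None) for i in range(5)]
    paid = [(k, mint(k)) for k in (b"alice-key", b"bob-key")]
    return select_batch(bulk + paid, cap)

if __name__ == "__main__":
    to_sync, deferred = constructed_demo()
    print("synced this round:", [k.decode() for k, _ in to_sync])
    print("deferred:", [k.decode() for k, _ in deferred])
```

Keys without a valid nonce are still accepted; they only wait behind POW-backed keys once the per-round cap is reached.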