[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Cease of operation: *.gnupg.pub
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] Cease of operation: *.gnupg.pub |
|
Date: |
Tue, 24 Apr 2018 11:03:29 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 |
On 04/24/2018 10:57 AM, Franck Nijhof wrote:
> My initial message was not about the hosting, but being able to
> manipulate the system with ease, Somehow, that severe and alarming
> message is now overshadowed by a discussion on Open Source
> platforms.
It would be helpful if you described the threat model you're worried
about and actual impacts. fwiw, as far as I can see your servers were
never included in hkps nor tor ports either which reduces some privacy
angles. If you're worried about info leak there are easier ways for an
attacker to impact traffic though, but the original report reads too
much like a rant and has insufficient info to comment much.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"We all die. The goal isn't to live forever, the goal is to create
something that will."
(Chuck Palahniuk)
signature.asc
Description: OpenPGP digital signature