[Sks-devel] Unusual traffic for key 0x69D2EAD9 and 0xB33B4659

[Andrew Nagy]

All,

Looking to figure out a solution here. A Maintainer on the Ubuntu Key server informed me about discussion of the following keys 0x69D2EAD9 and 0xB33B4659 here: https://lists.nongnu.org/archive/html/sks-devel/2019-01/msg00003.html

Unfortunately the email address address@hidden is just a black hole and so the email that was sent there from Brent Saner was lost forever.

I currently run the FreePBX project which uses the GPG network to sign modules. Unfortunately due to: https://bitbucket.org/skskeyserver/sks-keyserver/issues/57/anyone-can-make-any-pgp-key-unimportable

Someone poisoned our master key that we use to sign all other keys. This has caused issues on the sks network for a while. However since January we've noticed more and more sks servers are now just timing out and not returning back our requests for 0xB33B4659. I assume that is probably because of the message thread from January.

The way FreePBX software works is that it checks nightly against a list of key servers to redownload 0x69D2EAD9 and 0xB33B4659 and re-verify. However it appears that for many of you the bandwidth this causes is much too high. Internally we need to recreate our master key without the poison but I am afraid it will just as easily be re-poisoned again. Also even if we put a new key out you will notice traffic increase from those keys over time and well and we will be back to the bandwidth issue.

Perhaps we should be using GPG locally instead of through the GPG key network. Let me know what you guys think,

Thank you