[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] withdrawal of service:

From: Andrew Gallagher
Subject: Re: [Sks-devel] withdrawal of service:
Date: Fri, 13 Jul 2018 19:53:01 +0100


Sad but not surprised. Thanks for all your time and effort. It has been much 

For myself, has been broken for several weeks now and I’m 
not sure I have the heart to go to the effort of restoring it only for it to be 
clobbered again. I am reluctant to declare defeat, but this calls for a 
tactical retreat and regroup. 

I am still willing to help with possible upgrades and/or replacements for the 
SKS network. At this point I have come to believe that a minimal network 
containing only key material, SBINDs and revocations (no id packets, no third 
party sigs) is the absolute maximum functionality we can hope to sustain in the 
long term. And for this to be bulletproof, all such material must be 
cryptographically verified (otherwise people could just create “random” key 
material containing arbitrary data).

Providing search by uid appears to be a lost cause. DNS, WKD and proprietary 
services like keybase are probably the only way this can be done without 
opening pandora’s box. 

Andrew Gallagher

> On 13 Jul 2018, at 18:34, Phil Pennock <address@hidden> wrote:
> Folks, with immediate effect, I am withdrawing from
> service and it will not be returning in its current form.
> I am about to disable the DNS in, while leaving the SKS
> service itself running, so that clients using pools will not be
> adversely impacted.  I'll give it a few hours for pools to update and
> caches to expire, before turning off SKS itself.
> I have already disabled SKS recon.
> It's been an educational ride.
> I'm willing to fight jurisdictional overreach, but with Yet Another
> Attack Tool to abuse the resources which I provide out of my pocket,
> combined with large chunks of the traffic appearing to be to support
> operational incompetence by certain software publishers, I don't see
> that I'm successfully spending my money to good effect, supporting a
> community of users who care about verifiable integrity and some privacy.
> With the latest attack tool providing for generic filesystem storage
> such that attaching a file doesn't even require understanding how to use
> a user-attribute packet, the threat of KP upload has just increased by
> an order of magnitude.  I'm not willing to be part of that.
> My key remains available at the URL in the OpenPGP: header of all my
> emails, and via finger: (for my name @ my domain).  I'll explore WKD
> again, sometime later this year.
> Regards,
> -Phil, surrendering
> _______________________________________________
> Sks-devel mailing list
> address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]