Re: [Sks-devel] heads-up: another attack tool, using SKS as FS

From: Andrew Gallagher
Subject: Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
Date: Sat, 14 Jul 2018 08:01:35 +0100

On 14 Jul 2018, at 04:37, Robert J. Hansen <address@hidden> wrote:

>> IMHO Photo-ID should be dropped entirely, I see no point and it's just
>> ripe for abuse like this..
> Unfortunately, we really can't.  They've been part of OpenPGP
> certificates for just about twenty years now.  They are an expected part
> of the certificate.  Users already scream bloody murder about GnuPG and
> Enigmail dropping support for SE packets and those have been deprecated
> since 2003.  The idea of just waving a wand and getting rid of a
> non-deprecated part of a public key is just ... no.

It depends on what we believe keyservers are for. If they are a method for
obtaining a complete key by looking up a user ID, then you’re right, it’s a
non-starter. But I don’t believe that’s what keyservers should be for any more,
because I don’t believe that can be done without abuse.

I think the time has come where we have to re-evaluate what the keyservers are 
*for*. Once we answer that, we answer what should be done about it. 


