[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS
From: |
Robert J. Hansen |
Subject: |
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS |
Date: |
Sat, 14 Jul 2018 03:17:34 -0400 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 |
> I think the time has come where we have to re-evaluate what the
> keyservers are *for*. Once we answer that, we answer what should be
> done about it.
I agree, although I think maybe you're not taking it far enough.
What threats should we be defending against?
The original idea of a keyserver network came out of the early 1990s.
It was the product of that vision -- where even liberal democracies of
the West were tightly controlling crypto and the general belief was that
even nations like the US and UK might make it illegal to use strong
crypto. We also believed governments would try to coerce keyserver
operators into cooperating with man-in-the-middle attacks, and that
keyservers would be high-value targets because they were the principal
way people could look up certificates.
This vision informed pretty much every single engineering decision that
went into the keyserver network. It is still the vision influencing the
keyserver network today.
It is also, as near as I can tell, batshit nonsense. AFAIK, _no_
keyserver operator in the West has ever been served with a court
instrument compelling cooperation with MITM attacks or removing a key
from the server or whatever. In 26 years this fear has literally never
come to pass.
Maybe we should rethink our threat model.
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, (continued)
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tobias Frei, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tom at FlowCrypt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Kiss Gabor (Bitman), 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tom at FlowCrypt, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Andrew Gallagher, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS,
Robert J. Hansen <=
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Ryan Hunt, 2018/07/13
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Andrew Gallagher, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Human at FlowCrypt, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Robert J. Hansen, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Gabor Kiss, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Hendrik Visage, 2018/07/14
- Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Jeremy T. Bouse, 2018/07/14
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Tom at FlowCrypt, 2018/07/14
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Hendrik Visage, 2018/07/14
Re: [Sks-devel] heads-up: another attack tool, using SKS as FS, Andrew Gallagher, 2018/07/14