[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] [openpgp-email] Keyservers and GDPR

From: Mike
Subject: Re: [Sks-devel] [openpgp-email] Keyservers and GDPR
Date: Wed, 7 Nov 2018 10:58:54 +0100

So it seems like the usual response is to ignore the fatal issues that could 
affect this network. 6 months on from the first set of PoC's and no one has 
stepped forward to fix them - they have only attempted to defend the network 
through pride. How is anyone meant to trust infrastructure run by people who 
avoid problems like this?

As usual, people keep burying their heads in the sand with nothing more than 
excuses. Something as simple and small as a Raspberry Pi could down the entire 
network. "Resilient against governments"? I don't think so! These servers no 
longer provide the function they once promised, and this needs to be addressed 
by the leading figures of the community with direct and clear responses, not 

I believe that Kristian is the main spokesperson? He has never once stepped 
forward and commented on any of the issues.

Kind Regards


On Wed, 07 Nov 2018 10:13:06 +0100
Werner Koch <address@hidden> wrote:

> On Tue,  6 Nov 2018 17:27, address@hidden said:
> > I do roughly recal that such a verification process has been discussed for
> > the SKS keyservers at one of the pgp-summit before, but i wonder what
> > happened to the idea. However, if it that is “good enough” to be compliant
> This requires that there are no rogue keyservers in the network and that
> in turn means that they are under the control of a single entity.  Or
> in short, let Google take care of it.
> Such verification will be a single point of failure and it would be
> trivial for governments or corporations to take down a key.
> Shalom-Salam,
>    Werner
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

me <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]