-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Christoph Anton Mitterer wrote:
On Sun, 2009-02-01 at 16:25 -0500, Daniel Kahn Gillmor wrote:
So: Is this scheme fully implemented and easy-to-use yet? No. But
the pieces are there, and it's already been assembled piecemeal with
currently-available tools. If you are interested, or manage to push
it further, i'd be very happy to hear about your progress.
Well my time's limited ^^...
I had hoped to get somehow in contact with the keyserver software
developers,..
sks-devel[AT]nongnu.org
Yaron Minsky did the development work, but doesn't have time for new development
only maintenance.
The other keyserver list, pgp-keyserver-folk[AT]alt.org, seems to have gone
missing.
The keyservers should also communicate secured with each other,.. in you
setup there's still the (of course very small) chance that the secure
keyserver (e.g. your's) is already attacked and doesn't get the full
data during its synchronisation with the others,...
Under SKS, it will get that data from another keyserver. To forge a key would
require co-opting and taking simultaneous control of all the SKS keyservers.
To fool a keyserver would require being able to fake hashes of the database
contents on-the-fly.
and I suppose most people use one of the "big/wellknown" keyservers when
submitting their keys.
Yeah, even when the code the keyserver runs is broken/orphaned.
And as you've said, one important point would be client support...
The average user probably don't want to set up socat or any similar
proxy.
No, it would have to be done in the client.
- --
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys(_at_)gingerbear(_dot_)net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn4907-2008-12-21 (Windows XP)
Comment: When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Comment: Be part of the £33† ECHELON -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with SeaMonkey - http://enigmail.mozdev.org
iJwEAQECAAYFAkmGTk4ACgkQvh+YERi7Nzp22QP/TeruwklRnyW0M4K0fpLJursc
cHQYb52ma0BhADsZW0YbU/YX4R2303gIrNkg0XDmrVZZ4v7//D2Qod6PCKvXRlrg
XCWASWmECorNe/cE+7REu4NZD8TxHAVexzwEAGIEJsOmdzyWllU3hBgzFA1F1E5j
AsDmH9Rk3npVJRtu4+uIRgQBEQIABgUCSYZOTgAKCRAdBKxKYI0qECUTAJ44dzIM
d0wDJnN62gmUzxhU8QWYdgCfeKeWjZvv6nQ3LS8N65zp7s4Nq5o=
=ZBt6
-----END PGP SIGNATURE-----