ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Do we need to secure our keyservers against kind of DoS Attacks

2009-02-01 21:58:39
from [Christoph Anton Mitterer] [Permanent Link] 
Hi John.


On Sun, 2009-02-01 at 19:37 -0600, John Clizbe wrote:

sks-devel[AT]nongnu.org

Yaron Minsky did the development work, but doesn't have time for new 
development
only maintenance.

Thanks for that info :-)

Hmm,.. what are our main keyserver implementations? sks and pks are the only 
ones I know about...



Under SKS, it will get that data from another keyserver. To forge a key would
require co-opting and taking simultaneous control of all the SKS keyservers.

Of course,.. I've already that,.. that this part is more a theoretical
point ;-)



And as you've said, one important point would be client support...
The average user probably don't want to set up socat or any similar
proxy.

No, it would have to be done in the client.

That's what I meant ;)

Best wishes,
-- 
Christoph Anton Mitterer
Ludwig-Maximilians-Universität München

christoph(_dot_)anton(_dot_)mitterer(_at_)physik(_dot_)uni-muenchen(_dot_)de
mail(_at_)christoph(_dot_)anton(_dot_)mitterer(_dot_)name

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Series of minor questions about OpenPGP 6, Christoph Anton Mitterer
Next by Date:  Re: Series of minor questions about OpenPGP 6, David Shaw
Previous by Thread:  Re: Do we need to secure our keyservers against kind of DoS Attacks, John Clizbe
Next by Thread:  Re: Do we need to secure our keyservers against kind of DoS Attacks, John Clizbe
Indexes:  [Date] [Thread] [Top] [All Lists]