[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Changes to sks-keyservers.net pools
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] Changes to sks-keyservers.net pools |
|
Date: |
Sun, 11 May 2014 22:43:27 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 05/06/2014 02:55 PM, Jeremy T. Bouse wrote:
> On 05/06/2014 05:08 AM, Kristian Fiskerstrand wrote:
>> Dear lists,
>>
>> Following the release of SKS 1.1.5[0] the following changes will
>> be made to the pools of sks-keyservers.net
>>
>> subset.pool.sks-keyservers.net has been set to a minimum
>> requirement of SKS 1.1.5 with immediate effect.
>>
>> Due to CVE-2014-3207[1] I want to bump
>> hkps.pool.sks-keyservers.net to a requirement of 1.1.5 as this
>> can potentially be in another security context / zone, however
>> I'm giving this a grace period of (at least) 45-60 days to allow
>> server administrators to upgrade their servers.
In recognition of package-maintainers backporting the security fixes
to older versions of SKS for stable systems I'm revising the latter
statement a bit. I have now implemented a test for affected servers
instead of relying on the version information. This is currently
active, and non-patched servers in the HKPS pool should now show up
with an orange flag for the HKPS column.
- --
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Nomina stultorum scribuntur ubique locorum
Fools have the habit of writing their names everywhere
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJTb+DmAAoJEPw7F94F4TagQXsQAJi/479jLOtlKsihAohC5XcR
RQoA6UDhcinCKvIGg5zzMcGd6aY9z2O+yDrGj5AX3k6j5ijEf0uU6Ia+tEj8OeVF
j7VpDwdjtT3r78cipRLcvKEPBSHRTtSJ8qQQW7fLG56u8GiRu6ycR+fG/Q1w8o3A
wJgvnCjLXnUWDuSLHN31uUQzyoYtACb06oUIGBpZ/gMMImiRSphBsNO7duxH+D3z
oqLxgzO/YEj3iyLy6QmE/csC22Ty1dB+ppfC7dTU5LjKbxI0Z8qLw1+/SPWRgPG6
xMgerJLkYPVq99JtRFP7I58o3fEIWJaNAP/1rRgycIzwElDdOezh/VZwVpmLtTXq
ha2TefFm2D6h8rdCId5gVbGkpy8GN7FnN5DUqJ3GmdMuev22vzCSpWA7S5B9Xcyk
RAFiHvDag0RJC63SMyefOucoOk50wDdJ06pUByMQx5x4j5uCb6XEwozk1jST9uP2
MgWYXaaAv6ftt8Jk8C67f13Uvdbhap2V6pePuDGocLXrTDJr/R9afNEYW6UmaXiN
BeRO3OsU55lO5GRUIutf6+RY3Q83EAKa7zO78HEkedebjAJxTEZ5EwxBj+toFwxs
IQTre3Ec5y2UY8jlFdLmsTCuT5P8YnQqMjhiWLvrSsgtEno4jt9TbfCxpIfNzlIP
0jpO1kt1GcRn1Z6JUzH5
=TKch
-----END PGP SIGNATURE-----
Re: [Sks-devel] Changes to sks-keyservers.net pools, Dinko Korunic, 2014/05/06
Re: [Sks-devel] Changes to sks-keyservers.net pools, Daniel Austin, 2014/05/06
Message not available