Re: [Sks-devel] "quality" of keyservers offering hkps

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] "quality" of keyservers offering hkps

From:	Christoph Egger
Subject:	Re: [Sks-devel] "quality" of keyservers offering hkps
Date:	Thu, 14 Aug 2014 14:12:53 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

"Kiss Gabor (Bitman)" <address@hidden> writes:
>> - mitm attacks  may manipulate up-/downloaded keys
>
> no
>
> Every uploaded key can be manipulated legally by anyone.
> (I.e. you attach a new signature to your friend's key
> and you send back to the key servers.)
> Moreover anybody can send a totally new key in the name of you.
> Public key server is like Wikipedia or a piece of paper.
> And everybody has a pencil. :-)

You can still block certain pakets from up/downloads (i.e. not
providing signature pakets for some key -- kind of a DoS when checking a
trust path)

  Christoph

-- 
9FED 5C6C E206 B70A 5857  70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer

pgp_ggEz1E5mS.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] "quality" of keyservers offering hkps, Matthias Schreiber, 2014/08/13
- Re: [Sks-devel] "quality" of keyservers offering hkps, Phil Pennock, 2014/08/13
  - Re: [Sks-devel] "quality" of keyservers offering hkps, Matthias Schreiber, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Kiss Gabor (Bitman), 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Christoph Egger <=
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Kristian Fiskerstrand, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Pete Stephenson, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Kristian Fiskerstrand, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Pete Stephenson, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Kristian Fiskerstrand, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Gabor Kiss, 2014/08/14
    - Re: [Sks-devel] "quality" of keyservers offering hkps, Phil Pennock, 2014/08/14
- Re: [Sks-devel] "quality" of keyservers offering hkps, Gabor Kiss, 2014/08/14

Prev by Date: Re: [Sks-devel] "quality" of keyservers offering hkps
Next by Date: Re: [Sks-devel] "quality" of keyservers offering hkps
Previous by thread: Re: [Sks-devel] "quality" of keyservers offering hkps
Next by thread: Re: [Sks-devel] "quality" of keyservers offering hkps
Index(es):
- Date
- Thread