Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Shufei 🈳 (shufei@mastodon.sdf.org)'s status on Thursday, 19-Sep-2019 18:14:08 EDT Shufei 🈳 Shufei 🈳

    I discovered a few weeks late, natch, that SKS keyservers are now deprecated thanks to poor security. The weevils finally gnawed through. Public keys themselves still work, apparently uncompromised per se. But an attack using many multiple signatures can crash GPG. For this and many other reasons, it’s best to use the next generation keyserver being built at:

    https://keys.openpgp.org
    http://zkaan2xfbuxia2wpf7ofnkbz6r5zdbbvxbunvp5g2iebopbfc4iqmbad.onion/

    An educated and irate discussion about the insecurity of SKS:
    https://gist.github.com/rjhansen/f716c3ff4a7068b50f2d8896e54e4b7e

    In conversation Thursday, 19-Sep-2019 18:14:08 EDT from mastodon.sdf.org permalink

    Attachments

    1. SKS Keyserver Network Attack: Consequences
      from Gist
      SKS Keyserver Network Attack: Consequences. GitHub Gist: instantly share code, notes, and snippets.
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.