SKS Keyserver Network Under Attack
Andrew Gallagher
andrewg at andrewg.com
Sun Jun 30 10:34:52 CEST 2019
> On 30 Jun 2019, at 09:19, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
>
> The next version of Enigmail will no longer use the SKS network by
> default. Great! But what about existing Enigmail users? They'll see a
> signature, click "Import Key", and ... bam. They're likely not going to
> think that someone's performing a malicious attack by poisoning
> certificates: they're going to think "this is crap" and walk away.
Thankfully there is a practical - if drastic - solution for all OpenPGP users everywhere. Point pool.sks-keyservers.net (and its various aliases) somewhere else. The question is where to and how soon.
A
More information about the Gnupg-users
mailing list