sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Oh, Jeeez...!

From: Tobias Frei
Subject: Re: [Sks-devel] Oh, Jeeez...!
Date: Tue, 24 May 2016 16:17:31 +0000
Hi,

Adding proof of work can only prevent an attack that depends on a huge number of useless keys. Someone else once mentioned that a single key with an illegal image ID can already cause huge problems, and deleting such a key can become the only way to be legally allowed to continue running a keyserver.

About lacking keys, well, if the pool selection mechanism causes working keyservers to be removed, that's a separate problem that needs to be solved after this one, I think. It should not be an argument for or against this suggestion, but instead needs to adapt to the current situation.

Best regards,
Tobias Frei

(sorry, I accidentally sent this as direct reply instead of list reply before) 

On Tue, May 24, 2016, 17:00 Pascal Levasseur <address@hidden> wrote:
Le 24/05/2016 06:33, Kiss Gabor (Bitman) a écrit :
> Guys,
>
> Have you remembered I'm continuosly worrying about
> trolls pumping 10-20 millions of dummy keys into key servers?
> It is started...
>
> http://keys.niif.hu/pks/lookup?op=vindex&search=0x0B7F8B60E3EDFAE3
> (Scroll over the whole page.)
>
> So we must hard think how to delete keys/signatures.
>
> Gabor
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel
>

Can we add a proof of work mechanism to make adding a key to the server
more "costly" ?.

Pascal

_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]