[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Oh, Jeeez...!
|
From: |
Robert J. Hansen |
|
Subject: |
Re: [Sks-devel] Oh, Jeeez...! |
|
Date: |
Thu, 26 May 2016 12:51:18 -0400 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 |
> The administrators of the SKS servers should be able to choose the level
> of complexity of the proof of work using a parameter in the SKS server
> configuration file.
No, they shouldn't. Think about it. If you're an attacker looking to
bypass this mechanism, what do you do? You find the keyserver operator
with the lowest proof-of-work, upload there, and bam, they're propagated
to the high proof-of-work servers.
The proof-of-work required through the system is the *lowest* of all the
keyserver operators.
- Re: [Sks-devel] Oh, Jeeez...!, (continued)
Re: [Sks-devel] Oh, Jeeez...!, Valentin Sundermann, 2016/05/25
- Re: [Sks-devel] Oh, Jeeez...!, Christian Felsing, 2016/05/25
- Re: [Sks-devel] Oh, Jeeez...!, Robert J. Hansen, 2016/05/25
- Re: [Sks-devel] Oh, Jeeez...!, Pascal Levasseur, 2016/05/26
- Re: [Sks-devel] Oh, Jeeez...!, Moritz Wirth, 2016/05/26
- Re: [Sks-devel] Oh, Jeeez...!,
Robert J. Hansen <=
- Re: [Sks-devel] Oh, Jeeez...!, Martin Papik, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Pascal Levasseur, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Kim Minh Kaplan, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Andrew Gallagher, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Daniel Kahn Gillmor, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Andrew Gallagher, 2016/05/27
- Re: [Sks-devel] Oh, Jeeez...!, Gunnar Wolf, 2016/05/27
Re: [Sks-devel] Oh, Jeeez...!, Robert J. Hansen, 2016/05/27