sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building SKS on Alpine Linux 3.12 with ocaml 4.08

From: Todd Fleisher
Subject: Re: Building SKS on Alpine Linux 3.12 with ocaml 4.08
Date: Fri, 16 Oct 2020 09:35:55 -0700
On Oct 16, 2020, at 08:46, Skip Carter <skip@taygeta.com> wrote:

What are the characteristics of a poison key ?

A large number of bogus 3rd party signatures applied to the public key and uploaded to the network

What makes it bad ?

The key size becomes too large for GPG to process it

I wonder if there is an algorithmic way to deal with them instead of a
blacklist.

This has been discussed to death on the list previously. Check the archives if you’d like more info. The short answer is no due to a lack of development resources. GNUPG has already mitigated against this by stripping 3rd party signatures & numerous GPG implementations have also moved to keys.openpgp.org as the default keyserver in response to this issue.

-T

--
Dr Everett (Skip) Carter  0xF29BF36844FB7922
skip@taygeta.com

Taygeta Scientific Inc
607 Charles Ave
Seaside CA 93955
831-641-0645 x103



Attachment: signature.asc
Description: Message signed with OpenPGP

reply via email to
[Prev in Thread] Current Thread [Next in Thread]