Robert J. Hansen wrote: > 1. How should we handle the SKS keyserver attacks?
I would list in the FAQ the kind of attacks possible, to educate users, before they choose one for uploading their key. > One school of thought says "SKS is tremendously diminished as a > resource, because using it can wedge older GnuPG installations and we > can't make people upgrade. We should recommend people use other methods > than SKS." If you think this is correct, please let me know what you > think the alternate method should be. > > Another says, "with a recent GnuPG release SKS may be used productively > and we should keep the current advice." > > Is there another solution I'm overlooking? Please don't think I'm > limiting the discussion to just those two. If you've got a third way > (or a fourth, or a fifth) I'd love to hear them. It would be nice if you can add to the keyserver list also the mailvelope.com keyserver, because it requires users to authenticate their keys against the keyserver with an received encrypted email and it also allows keeping third party signatures, compared to Hagrid. https://keys.mailvelope.com Regards Stefan -- box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56 certified OpenPGP key blocks available on keybase.io/stefan_claas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users