On Fri, 2019-10-18 at 09:19 +0200, Stefan Claas via Gnupg-users wrote: > Robert J. Hansen wrote: > > > 1. How should we handle the SKS keyserver attacks? > > I would list in the FAQ the kind of attacks possible, > to educate users, before they choose one for uploading > their key. > > > One school of thought says "SKS is tremendously diminished as a > > resource, because using it can wedge older GnuPG installations and we > > can't make people upgrade. We should recommend people use other methods > > than SKS." If you think this is correct, please let me know what you > > think the alternate method should be. > > > > Another says, "with a recent GnuPG release SKS may be used productively > > and we should keep the current advice." > > > > Is there another solution I'm overlooking? Please don't think I'm > > limiting the discussion to just those two. If you've got a third way > > (or a fourth, or a fifth) I'd love to hear them. > > It would be nice if you can add to the keyserver list also the > mailvelope.com keyserver, because it requires users to authenticate > their keys against the keyserver with an received encrypted email > and it also allows keeping third party signatures, compared to > Hagrid. > > https://keys.mailvelope.com >
This domain seems not to resolve with DNSSEC-capable resolvers. -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
