> On Aug 15, 2019, at 3:33 PM, Werner Koch wrote:
>
> On Thu, 15 Aug 2019 00:02, gnupg-users@gnupg.org said:
>
>> But at least then we will want to add cryptography to see which
>> selfsigs are truly legitimate, right?
>
> That would be the first and most important step to get the keyservers
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 15 August 2019 at 7:07:34 AM, in
, Andrew
Gallagher wrote:-
> Also, if thousands of
> separate keys have
> signed another key, making it unusable, how do we
> decide which of
> those thousands of keys are legit and which the bad
> a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 15 August 2019 at 10:26:31 AM, in
, Peter
Lebbing wrote:-
> Plus, the attacker could just create a signature that
> looks likely to be
> real (self-sig or existing third-party sig seems a
> good candidate).
Would the attack work
On Thu, 15 Aug 2019 00:02, gnupg-users@gnupg.org said:
> But at least then we will want to add cryptography to see which
> selfsigs are truly legitimate, right?
That would be the first and most important step to get the keyservers
back for the WoT
Shalom-Salam,
Werner
--
Die Gedanken sind
Hello,
> ni@quark:~/.ssh$ ps aux | grep 22009
> ni7740 0.0 0.0 6076 892 pts/6S+ 11:21 0:00 grep
> 22009
> ni 22009 2.0 0.2 89404 78536 ?RL 02:51 10:30 gpg
> --batch --no-sk-comments --status-fd 104 --no-tty --charset utf8
> --enable-progress-filter --exit-
By the way, I keep intending to put this as a PS on a proper mail, but I
always forget.
All my mails to Rob keep bouncing. The first bounce was June 30th. I'm
not including the bounce message here on the off chance that there is
something non-public about Robs mail infrastructure :-). So Rob can f
On 15/08/2019 08:50, Robert J. Hansen wrote:
> Additionally, the bad guys can create new malicious certificates faster
> than the keyserver network can blacklist.
Plus, the attacker could just create a signature that looks likely to be
real (self-sig or existing third-party sig seems a good candid
