oss-sec mailing list archives
Re: 0xdeadbeef comes of age: making keysteak with GnuPG
From: Daniel Kahn Gillmor <dkg () fifthhorseman net>
Date: Fri, 10 Oct 2014 11:47:28 -0400
On 10/10/2014 11:06 AM, David Leon Gil wrote:
(In summary: If you don't use the WoT, get OpenPGP keys via HTTPS. E.g.: keybase.io or pgp.mit.edu (the latter thanks to Yan Zhu's lobbying).)
If we're going to advocate for accessing keyservers via https (which i think is a lovely idea, even if it doesn't mitigate all possible attacks), it's worth advocating for the well-curated hkps.pool.sks-keyservers.net [0], rather than encouraging everyone to flood either https://keybase.io or https://pgp.mit.edu with traffic. I agree with David and Thijs that OpenPGP v3 keys are long overdue for the chopping block. --dkg [0] https://sks-keyservers.net/overview-of-pools.php#pool_hkps
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- 0xdeadbeef comes of age: making keysteak with GnuPG David Leon Gil (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG Daniel Kahn Gillmor (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG David Leon Gil (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG Daniel Kahn Gillmor (Oct 10)
- Re: Re: 0xdeadbeef comes of age: making keysteak with GnuPG Daniel Kahn Gillmor (Oct 10)
- Re: Re: 0xdeadbeef comes of age: making keysteak with GnuPG Kurt Seifried (Oct 10)
- Re: Re: 0xdeadbeef comes of age: making keysteak with GnuPG flapflap (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG David Leon Gil (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG Kristian Fiskerstrand (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG Werner Koch (Oct 10)
- Re: 0xdeadbeef comes of age: making keysteak with GnuPG Daniel Kahn Gillmor (Oct 10)