On Mon, Nov 17, 2025 at 10:27 AM Jeremy Stanley <[email protected]> wrote: > > On 2025-11-16 02:57:02 +0000 (+0000), > [email protected] wrote: > > Do these other keyring servers leave the key intact? I stopped > > using the key servers for my small personal projects and just have > > my public key posted on my personal website because one of them ( > > keys.openpgp.org I think ) lists my public key, but it seems to > > have stripped all the identifying information from it so it can't > > be searched for by email address and even if you download the copy > > they have apps like Kleopatra fail to import it, and when > > comparing it to my copy of the public key I manually exported the > > contents are MUCH shorter on their copy. > [...] > > The main reason for this, as I understand it, is to avoid the > vulnerabilities which led to the fall of the SKS keyserver network. > In short, the traditional keyserver model of allowing anyone to > upload third-party signatures for keys they didn't control led > eventually to vandals and other malicious persons uploading unwanted > signatures with objectionable content or in volumes which overflowed > the ability of clients and servers to deal with them (denial of > service on the network and also on specific keys making them > irretrievable). They did this in the most severe way possible, > essentially filtering out all third-party signatures and even > self-signatures and UIDs if the uploader can't prove control of the > E-mail addresses associated with them (which implicitly means > discarding non-E-mail identities too such as photo images). > > Discussions I followed some time ago indicated they were willing to > accept updates that enabled a caff-style approval process for > third-party signatures at least, but it sounded like the existing > team didn't have the resources to develop such a feature and that it > would require additional volunteers working on that.
And to add some reading material, see <https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html>. Daniel Kahn Gillmor (dkg) was one of the folks who was targeted in the attack. Jeff
