On Thursday, 1 January 2015, Robert J. Hansen <r...@sixdemonbag.org> wrote:
> > I’ve discussed this attack vector on the keyserver mailing list. The > general consensus is that the attack that I’m concerned about is real, and > would result in serious disruption to the global keyserver network for an > extended period until we developed countermeasures — but those > countermeasures would fundamentally transform the keyserver network and > force us to radically redefine our expectations of service. > > Before people think I’m overreacting — > No. It is a realistic attack. Key servers might legitimately strip photo ids if it were ever a problem, IMHO. But in fact, a UID packet can contain arbitrary data anyway, can't it? Isn't that just the same problem. N.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
