I'm the author, didn't expect my German text to end up high on HN.<p>If you don't speak German, Google Translate does a good enough job:
<a href="https://translate.google.de/translate?sl=de&tl=en&js=y&prev=_t&hl=de&ie=UTF-8&edit-text=&act=url&u=https%3A%2F%2Fwww.golem.de%2Fnews%2Fverschluesselung-aerger-fuer-die-pgp-keyserver-1904-140512.html" rel="nofollow">https://translate.google.de/translate?sl=de&tl=en&js=y&prev=...</a><p>If you have questions I'll try to answer them
This is good to know. So in order to prevent the abuse of keyservers and increase the proliferation of them, what should be done?<p>1. limit the size of keys (ECC or Ed25519 plus hard limits fixes this, yes?)<p>2. provide a verified submission for keys and signatures (have users sign their submissions)<p>3. verify email addresses? (I don't care about this one)<p>4. disallow old, vulnerable, or insecure keys or cryptographic methods? (require new crypto as necessary)<p>5. Provide new open source key server software entirely? Update the old stuff because it's still salvageable?<p>I find it funny as hell that the author is worried about data retention policies when it's baked into the software and it's explicitly stated in many places that the keys can't be removed. Maybe I should just read <a href="https://gitlab.com/dkg/draft-openpgp-abuse-resistant-keystore/blob/master/draft-dkg-openpgp-abuse-resistant-keystore.md" rel="nofollow">https://gitlab.com/dkg/draft-openpgp-abuse-resistant-keystor...</a> and just implement everything that doesn't seem like a big brother suggestion.
I find it amusingly ironic that the primary framework for authenticating keys is inherently untrustworthy. As TFA mentions, 'poisoned keys' are only part of the problem. I have a key I created in the mid-to-late 90's using a super-secret-strong-password, and yupp; can't remember it. But it doesn't matter, because nothing I created or signed back then is worth looking at again.<p>BUT that 'fear of re-loss' limits my current usage of PGP/GPG too.
I have my accountant trained to decrypt my attachments and email, and I have my staff trained to use it too, but it's still a real pain in the ass. I would have much better faith in a system that I could remotely manage the keyserver for when I fuck up. Being able to 'reset the password' (maybe use a 2FA style system) would be nice, but would also make it meaningless.<p>GPG-As-A-Service ?<p>If I ever forget my SSH passphrase, I can always generate a new key because I also have access to the server to accept the new key.<p>It's turtles all the way down.
Interesting that people still care enough about PGP key servers to play those games.<p>The attacks themselves aren't new. Years ago there was somebody duplicating large connected sets of keys.
Interesting. What updates to enterprise key management exist that are improving this? Like Thales/Vormetric and Ionic Security.<p>> <a href="https://www.thalesesecurity.com/products/key-management/integrated-key-management" rel="nofollow">https://www.thalesesecurity.com/products/key-management/inte...</a>
tldr w/ translation-<p>The PGP key servers are designed to accept almost anything unchecked. This leads to numerous problems; most recently the keyservers became more and more unreliable due to attacks with poisoned keys.