Follow

I discovered a few weeks late, natch, that SKS keyservers are now deprecated thanks to poor security. The weevils finally gnawed through. Public keys themselves still work, apparently uncompromised per se. But an attack using many multiple signatures can crash GPG. For this and many other reasons, it’s best to use the next generation keyserver being built at:

keys.openpgp.org
zkaan2xfbuxia2wpf7ofnkbz6r5zdb

An educated and irate discussion about the insecurity of SKS:
gist.github.com/rjhansen/f716c

Sign in to participate in the conversation
Mastodon @ SDF

"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko