Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Oct 2014 12:01:52 -0400
From: David Leon Gil <>
To: Daniel Kahn Gillmor <>,
	"" <>, Werner Koch <>,
Subject: Re: 0xdeadbeef comes of age: making keysteak with GnuPG

On Fri, Oct 10, 2014 at 11:47 AM, Daniel Kahn Gillmor
<> wrote:
> If we're going to advocate for accessing keyservers via https (which i
> think is a lovely idea, even if it doesn't mitigate all possible
> attacks), it's worth advocating for the well-curated
> [0], rather than encouraging everyone to
> flood either or with traffic.

My problem with the HKPS pool is that I don't know Kristian.[1] And I
don't have any reason to believe that he'd suffer serious financial
damage if the private key for the " CA" got used

(While I know that if a root CA were caught intentionally issuing an
MitM cert for or would face likely

I'd be really happy if Kristian published a GPG-signed log of every
valid certificate for servers in the HKPS pool; then it would be
possible for the distrustful -- or targeted -- to, say, query multiple
HKPS keyservers. This is even better than trusting Root CAs +

[1] Most don't have an alternative trust
path to a standard root CA.

[2] This is different from saying that I think he *would
intentionally* sign a malicious cert, which I don't. I just have no
idea how secure the private key for that CA is. And I know that a
fully isolated, physically secure facility, and a good HSM are really
expensive. (But maybe he is doing this?)

[3] If this is already available somewhere, apologies; I haven't
managed to find anything like it.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.