[cks-devl] Re: duplicate keyid survey results

cks-devl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cks-devl] Re: duplicate keyid survey results

From:	Hironobu SUZUKI
Subject:	[cks-devl] Re: duplicate keyid survey results
Date:	Mon, 11 Mar 2002 09:05:30 +0900

> they know what they're using is not secure, that it is attackable,
> in many different ways.  The fixes for the insecurities in v3 are
> what became part of v4.

Some attacks are effective not only user client but also keyserver.
If keyserver found duplicate key then return "Found duplicate
key". It's OK. It's little cost.  If keyserver found duplicate key
then return all of key contents.  It is a possibility of DoS not only
user client but also keyserver. v3 is problem but we have to support.

-- 
Hironobu SUZUKI
E-Mail: address@hidden
URL: http://h2np.net

[Prev in Thread]

Current Thread

[Next in Thread]

[cks-devl] Re: duplicate keyid survey results, V Alex Brennen, 2002/03/10
- [cks-devl] Re: duplicate keyid survey results, Hironobu SUZUKI <=

Prev by Date: [cks-devl] Re: duplicate keyid survey results
Previous by thread: [cks-devl] Re: duplicate keyid survey results
Index(es):
- Date
- Thread