Re: [Sks-devel] Displaying user images on index page

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Displaying user images on index page

From:	Yaron Minsky
Subject:	Re: [Sks-devel] Displaying user images on index page
Date:	Wed, 25 Feb 2004 15:23:44 -0500 (EST)
User-agent:	SquirrelMail/1.4.2-1

blacklisting keys is a good and useful idea.  It's on my list, but I
haven't gotten around to implementing it.  There are some complications --
for example, lets say I blacklist a key and you don't.  Then every time we
reconcile, we will rediscover this difference between our sets.

Filters (e.g., yminsky.dedup, yminsky.merge) can also be used for killing
off keys.  The default then is that you only gossip with people who have
applied the same set of filters.  This could be useful for recovering from
a big DOS attack.  Basically, a new version of SKS would be sent out with
code for finding and removing the bogus keys, and the network would be
partitioned into those who have and those who have not applied the filter.

y

Chris Kuethe said:
> On Wed, 25 Feb 2004, Sacha J. Bernstein wrote:
>
>>
>> Along the lines of stopping abuse, and this may be the wrong forum for
>> this
>> discussion, but has anyone thought about a fair and hard to abuse method
>> of
>> removing keys from the keyserver network?
>>
>
> Blacklist of keys? X509 supports certificate revocation lists, why don't
> we,
> as the server admins, publish a list of key IDs, hashes that we won't
> serve.
> it's purely voluntary on the part of each server admin, but this way if I
> find an Evil Key, I refuse to hand it out on a webpage and publish this
> fact
> to the other admins who may or may not agree with my decision and react as
> they see fit.
>
> CK
>
> --
> Chris Kuethe, GCIA CISSP: Secure Systems Specialist - U of A CNS
>       office: 157 General Services Bldg.    +1.780.492.8135
>               address@hidden
>
>      GDB has a 'break' feature; why doesn't it have 'fix' too?
>
>
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> http://mail.nongnu.org/mailman/listinfo/sks-devel
>

|--------/            Yaron M. Minsky              \--------|
|--------\ http://www.cs.cornell.edu/home/yminsky/ /--------|

Open PGP --- KeyID B1FFD916
Fingerprint: 5BF6 83E1 0CE3 1043 95D8 F8D5 9F12 B3A9 B1FF D916

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] Displaying user images on index page, (continued)
- Re: [Sks-devel] Displaying user images on index page, Sacha J. Bernstein, 2004/02/25
  - Re: [Sks-devel] Displaying user images on index page, Chris Kuethe, 2004/02/25
    - Re: [Sks-devel] Displaying user images on index page, Yaron Minsky <=
    - [Sks-devel] Blacklisting Keys, Sacha J. Bernstein, 2004/02/25
    - Re: [Sks-devel] Blacklisting Keys, Olaf Gellert, 2004/02/25
    - Re: [Sks-devel] Blacklisting Keys, Yaron M. Minsky, 2004/02/25
    - Re: [Sks-devel] Blacklisting Keys, Olaf Gellert, 2004/02/26
    - Re: [Sks-devel] Displaying user images on index page, Olaf Gellert, 2004/02/25
    - Re: [Sks-devel] Displaying user images on index page, David Shaw, 2004/02/25
    - Re: [Sks-devel] Displaying user images on index page, Thomas Sjögren, 2004/02/25

Prev by Date: Re: [Sks-devel] strange behavior with empty database
Next by Date: Re: [Sks-devel] Displaying user images on index page
Previous by thread: Re: [Sks-devel] Displaying user images on index page
Next by thread: [Sks-devel] Blacklisting Keys
Index(es):
- Date
- Thread