Re: [Sks-devel] The pool is shrinking

[Todd Fleisher]

On Aug 16, 2019, at 10:42 AM, Ryan Hunt <address@hidden> wrote:

Its role as a decentralized, tamper resistant key storage solution is still vital, and I would love it if we had the development going on to address the stability issues, but thats simply not the case at this point in time and until the actual integrity of the data the SKS network serves is compromised there is no need for its death..

I think it would be much more constructive and on topic to this list if we could focus on this issue vs. what this thread has devolved into. There are very real operational issues with the SKS network and while I don’t agree it needs to die, I can attest to the fact that it has become a significant problem for some to rely on it for public key distribution because of the poison key issue. My key has already been targeted which means the public can no longer obtain it from the SKS network and I am not the only person this problem impacts.

I am personally not migrating to keys.openpgp.org because of the limitations it currently has over the SKS network:

- Cannot perform wildcard searches by domain

- Cannot discover keys that have not been submitted & verified

- Keys lack signatures which breaks the web of trust

I will also point out there is a movement amongst several major software distributions that bring PGP support to the masses (especially as it relates to email) that are migrating away from the SKS network in large part because of this very issue (https://keys.openpgp.org/about/usage). And while there are other use cases for the SKS network for sure, I believe the ongoing issue where keys can be rendered un-importable by malicious third parties without warning threatens its very existence and needs to be dealt with before it’s too late.

-T

+cc Kristian directly for higher visibility

signature.asc
Description: Message signed with OpenPGP