News & notes
July 2019
At last there is some decision on the SKS server issue here.. there most certainly won't be one! (*)
During the spring/summer of 2019 there has been made public an incident of "sabotage" against the SKS network.
In short the design (that is old) has some weaknesses that have been known but not corrected due to not having
been exploited - until now.
Instead of me reiterating what already has been described well by others please visit these links for more info:
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f [1]
https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html [2]
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html [3]
Local copies as of 190715:
[1] keyservers.md.txt
[2] openpgp-certificate-flooding.html
[3] 000439.html
(*) Actually a SKS keyserver was installed and operational some 6 months ago but it wasn't introduced to the public because the final keysync
with the SKS network wasn't performed. That server is now deleted.
What now?
We will probably start, if for nothing else testing and evaluation, one or two of the newer variants of keyserver, like Hagrid and WKD.
If so, info will follow here.
October 2016
Some editing on a few html pages. Not much happens right now. A SKS keyserver is (still!) somewhere in the plans..
March 2014
Not much news lately it seems.
There are plans to start a SKS keyserver in Sweden during 2014, stay tuned.
April 2008
An update to the site's content was made. Comment and tip regarding virtual keyserver installation was added.
Newest version of GnuPG was added. A few links should probably be edited or removed on the links page, will do later.
You're welcome to make suggestions. We're yet again planning to start the keyserver. Not sure yet if it's gonna be
the free certserver version found on this site or one of the Unix/Linux versions. Or maybe both..
Aug 2006
An update to the site's content was made. The whole section of documents was added and several other files were updated.
A short page addressing new PGP users was added.
A few new GnuPG versions were added. Some links were updated. Key server software were added to the software page.
Dec 2004
A few links were added and a few old PGP versions as well as two new GnuPG versions were also added.
Jan 2004 Caution on bots!
Unfortunately some people are hitting the site with very poorly configured bots.
Bots in this context means applications like "wget" and similar that have features to download and
mirror whole web sites.
Properly used they are useful tools in some situations. However, when poorly used they can do great
damage by consuming unreasonable bandwidth and put high load on server resources.
Several IPs are being blocked at firewall level now after having hit the site with large number of
REPEATED download attempts of files situated here.
Example: In mid January one IP downloaded the same file (7,6 MB in size) approx 60 times in one hour,
that's one per minute. The user-agent was a well known "bot". That IP block (the whole block actually since the
download attempts started again from other IP in same block after first was blocked) is now blocked from
any and all contents herein due to that abusive behaviour.
Anyone suspecting they are subjected to such a block will have to contact the site's webmaster directly
and then we'll see what we can do.
Oct 2003
The pgpkeys.org keyserver is taken off the air for now due to problems with the size of the keyring files.
|