Am 16.01.2018 um 10:18 schrieb Werner Koch:
On Tue, 16 Jan 2018 09:46, stefan.cl...@posteo.de said:
and add some funny things to "your" public key. This would be
also interesting to see how many signatures a public key can bear.
You may look at my key to see funny things and thousands of key
signatures from made up users. They print a messges if viewed in a
keyserver listing.
Right, these key signatures allow for a DoS and eventually we should do
something about them. As of now I resort to
import-filter drop-sig= sig_created_d=2015-12-24
import-filter drop-sig=|| sig_created_d=2016-03-16
import-filter drop-sig=|| sig_created_d=2016-03-19
import-filter drop-sig=|| sig_created_d=2016-03-20
to keep my _local_ copy of the key at a reasonable size.
I have read also once on Wikipedia about that a DoS is possible,
but the Wiki Artikel gives no figures on how much Signatures are
needed to carry out such an attack.
And what would be your proposal to eventually circumwent this?
Regards
Stefan
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
