438 entries in 0.859s
decimation: asciilifeform: why do the
sks keyservers take the position that all crypto checks are 'up to the user'? would you expect your router to check ip/tcp headers?
assbot: Logged on 22-05-2015 14:29:20; asciilifeform: incidentally, now more than ever is the time to set up an
sks server under our control. because
sks is our ultimate 'backup'
BingoBoingo: Also in USia Nagant,
SKS, and other curios with bayonets already mounted ++
BingoBoingo: Well with factors message signing shouldn't be too much CPU mathing, but I guess if at this rate ~98 keys sign "lol I suck cocks" at the end of
sks dump processing makes better Trilema post
ascii_field: for all we know, it is possible that on some pgp client the faux keys could replace the genuine ones if user ever 'synced' from
sks ascii_field: incidentally, i just walked the totality of
sks db looking for -all- rsa keys with pub-exponents equal to 281479271743489.
ascii_field: << example of someone for whom only breakable key is on
sks Hasimir: though probably better than the
sks solution
mircea_popescu: you can create a key for obama and
sks will list "obama's" key.
ascii_field: hanbot: if it isn't on
sks, it isn't really public is it
assbot: Logged on 20-05-2015 12:54:33; asciilifeform: until i saw the auto-updater crud, my most parsimonious hypothesis re: the matter treated in last section of mircea_popescu's article was that the buggers built a straight chumpmagnet, where lusers would search
sks for email addr. of someone or other, and end up with latest key (try it) displayed being one of the 'magic' ones
mike_c: it was discussed on hacker news. looks like there are a handful of invalid subkeys on the
sks servers
mircea_popescu: with a correctly working pgp implementation, the user connects ot a
sks server, discards the wrong key and proceeds as expected.
mircea_popescu: what i don't get is, how exactly you reproduce this ? i can't seem to make
sks server to accept extra, unsigned subkeys from anyone.
mircea_popescu: which would neatly explain why it HAS TO stay on
sks servers.
mircea_popescu: i mean, if the claims is accurate, what's to keep me from making anyone's
sks profile 1 gb long ?
decimation: doesn't the
sks server check before shitting public key?
decimation: asciilifeform: so did the
sks server at one point accept anvin's key and then later bitrotted it?
mircea_popescu: even from a purely operational standpoint - it'd seem
sks servers have all the interest in the world to reject such broken keys rather than publish them, carry them in db etc
mircea_popescu: asciilifeform i wonder if this is reproducible, make
sks servers display random data as people's subkeys.
mircea_popescu: so this is a manufactured subkey that was somehow uploaded to
sks and merged into the guy's key but not necessarily used or even issued by him ?
ascii_field: ;;later tell mircea_popescu ERROR: certificate common name “keys.mattrude.com” doesn’t match requested host name “keyserver.mattrude.com” << when fetching fresh
sks from dulap
☟︎ mircea_popescu: i suppose "make a sane fucking export model" will be part of the ba
sks server job.
ascii_field:
sks is retarded, so i gotta write a slicer that parses the gpg blobs and reassociates the email/selfsig/pubkey fragments into usable key packets
ascii_field: mircea_popescu: THE DAMNED GPG KEYS!111 << dealing with
sks retardation; see log
ascii_field: that is, the other folks - who probably all eat lunch together - got
sks running
ascii_field: #
sks cleandb Fatal error: exception Not_found
decimation: mircea_popescu: my understanding is that the
sks servers aggressively share keys
mircea_popescu: /usr/local/bin/sks_build.sh << it has a script btw, to allow you to autoload in a db
decimation: the problem with the
sks server is that it aggressively shares keys
mike_c: Ideally? It's a fingerprint search. So if it misses, I would have it search
sks for the fingerprint and show a page asking if you'd like to add that key.
mircea_popescu: ideally no misses, seeing how everyone in wot also had their key in the
sks db
assbot: Logged on 30-04-2015 22:20:33; ascii_field: unrelated: that
sks key mega-dump is in a ludicrous format - .gpg binary turds with 10,000s of pubkeys in each
ascii_field: unrelated: that
sks key mega-dump is in a ludicrous format - .gpg binary turds with 10,000s of pubkeys in each
☟︎ funkenstein_: <mircea_popescu> and then $ gpg --keyserver
sks-keyservers.net --send-key <KEYID> and $ gpg --keyserver pgp.mit.edu --send-key <KEYID> where keyid you just copy from the line above. <-- what about those three letters showing up here?
BingoBoingo would like girls with Yugo
SKS, nato grenade combo
mircea_popescu: and then $ gpg --keyserver
sks-keyservers.net --send-key <KEYID> and $ gpg --keyserver pgp.mit.edu --send-key <KEYID> where keyid you just copy from the line above.
☟︎ mircea_popescu: better this way, the less the
sks servers are involved the better.
mircea_popescu: more like a "tough as nails, swiss made
SKS". like the mac10 maybe.
BingoBoingo: asciilifeform: Yes
sks, you also get diminished charge behind bullet for no less cleaning
BingoBoingo: Bolt action so cleaning... More popular "deer" rifle is
sks, still corrosive primers, much less range, still moar cleaning
ryan-c: BingoBoingo: My gpg keys are in pgp.mit.edu and
sks-keyservers as well.
mircea_popescu: "Worse, it turns out that nobody else found all this stuff to be fascinating. Even though GPG has been around for almost 20 years, there are only ~50,000 keys in the “strong set,” and less than 4 million keys have ever been published to the
SKS keyserver pool ever. By today’s standards, that’s a shockingly small user base for a month of activity, much less 20 years."
mircea_popescu: (we, of course, which prolly means we're redoing the
sks too)
assbot: Logged on 25-02-2015 14:34:59; mats: also deliberately misleading folks about widespread use with the quantity of keys on
sks keyservers
mats: also deliberately misleading folks about widespread use with the quantity of keys on
sks keyservers
☟︎ BingoBoingo would rather see USian Mosin and
SKS, but...
mircea_popescu: which i guess is not that bad, seeing how it also solves the problem of the untrustworthy pgp-
sks etc
mircea_popescu: that's a good fucking question lmao.
sks fired from the hip by teenage boys in rural texas ? no wonder people can't land fucking rockets.