1. 13

The announcement from the sks-keyservers.net website:

“This service is deprecated. This means it is no longer maintained, and new HKPS certificates will not be issued. Service reliability should not be expected.

Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all.”

  1.  

  2. 6

    SKS keyservers have multiple vulnerabilities (or weaknesses rather), as outlined here: https://code.firstlook.media/the-death-of-sks-pgp-keyservers-and-how-first-look-media-is-handling-it and here https://lwn.net/Articles/792366/

    The latest spate of GDPR violations is simply the nail in the coffin.

    1. 5

      I’ll admit I just threw up my hands and gave up Y-E-A-R-S ago when I found out that most keyservers like the one at MIT would NEVER EVER allow you to revoke a key.

      So if you, like me, are a bubble-head, get interested in PGP encryption, create a key, and then promptly forget about it because SHINY and it’s now 2 years later and that context is GONE along with the laptop it lived on and….

      Lather, rinse, repeat until you have 5-6 irretrievably busted PGP identities, and finally realize FORK THIS NOISE it’s not worth the hassle.

      This is where crypto purists jump down my throat for not being sufficiently disciplined, and they’re right :) There are some ways in which I’m willing to apply oodles of effort, time and discipline. Conducting encrypted communications in a personal context isn’t one of them.

      1. 2

        You can revoke keys. But only if you have access to the secret key of the OpenPGP primary key. Otherwise you can’t prove that you own the key.

        1. 1

          I mean, I get the justification, but if you had access to the physical key, why would you need to revoke it in the first place? :)

          1. 10

            Use case is you believe there’s a chance someone else got hold of it (i.e. the private key was compromised).

            1. 2

              Makes sense. Ironically enough, I’d have likely had a different experience in 2021 with persistent cloud storage practically falling out of the trees and hitting me in the head.

              (Yes, I know, letting my crypto keys be uploaded to the cloud is HERESY because then you’re giving them to THE MAN. Yet more proof I am not tall enough to ride this particular ride :)

            2. 7

              You can also pre-create a revocation, and then never promulgate it until you actually want to revoke the key.

              1. 3

                However if they lost their private key (or stopped caring about that identity in general) they probably also wouldn’t bother with a revocation.

                In these contexts I like the idea of planned obsolescence: set an expiration date on the key for something soon-ish like three months from now. Then as long as you care about that identity keep pushing the expiration date forward (you can do this even if it has passed – the expiration date is not a permanent revocation as long as you have the private key.) If you stop updating the expiration date then fine, that’s what you probably want in that circumstance anyway.

                1. 1

                  In these contexts I like the idea of planned obsolescence: set an expiration date on the key for something soon-ish like three months from now. Then as long as you care about that identity keep pushing the expiration date forward (you can do this even if it has passed – the expiration date is not a permanent revocation as long as you have the private key.) If you stop updating the expiration date then fine, that’s what you probably want in that circumstance anyway.

                  Totally agree. The idea of keys living FOREVER always seemed really odd to me.

                  1. 3

                    This is among the many things that have happened that PGP hasn’t kept up with:

                    Long term keys are almost never what you want. If you keep using a key, it eventually gets exposed. You want the blast radius of a compromise to be as small as possible, and, just as importantly, you don’t want users to hesitate even for a moment at the thought of rolling a new key if there’s any concern at all about the safety of their current key.

                    The PGP cheering section will immediately reply “that’s why you keep keys on a Yubikey”. To a decent first approximation, nobody in the whole world uses the expensive Yubikeys that do this, and you can’t imagine a future in which that changes (we can barely get U2F rolled out, and those keys are disposable). We can’t accept bad cryptosystems just to make Unix nerds feel better about their toys.

                    https://latacora.micro.blog/2019/07/16/the-pgp-problem.html

                    1. 1

                      However if they lost their private key (or stopped caring about that identity in general) they probably also wouldn’t bother with a revocation.

                      Just for clarity: I ALWAYS gave a crap about my one single identity, but I was a younger man then and couldn’t keep it together well enough to retain the !#$@#!$@ private key files across the various laptops and desktops and whatever else I lived on going from job to job.

                      It’d be like Oh, Hey, I’d like to send encrypted email aaaaaanddddd FFFFFuuuuUUUU….

          2. 3

            I am out of the loop: what is/was this?

            1. 4

              When you want to share your PGP key with someone you can send them a file with it, but popular implementations like GnuPG also support a mechanism called keyservers, where it can automatically look up and download the latest version of someone’s key previously uploaded there.

              sks-keyservers is (or was, apparently) a popular service providing multiple different sets of keyservers, with different capabilities.

              1. 1

                I see. Thanks for the explanation!

            2. 1

              So… what should we use instead? WKD?

              1. 3

                Yes. WKD is the way to go in most circumstances, but there is also a new type of keyserver that validates emails and allows key removal (e.g. due to GDPR). Check out https://keys.openpgp.org/

                1. 1

                  Hmm, great, I will have to take a look. Thanks.