[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] Public Key Servers
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] Public Key Servers
- From: Eion MacDonald <maceion@xxxxxxxxx>
- Date: Sat, 8 Aug 2020 22:16:12 +0100
- Autocrypt: addr=maceion@xxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFa2f2QBEADuSyhbUgZ191rG15xTUMtFZSfQHhfnlG22YyJUrbJw/ma+RSkwWIYePebs S9Fh2+snMFYUKSL01EyXbQfL+7kvfUHBis2UGE7j+KE51ai8qjtB6i+uLzwfHr6LmTO0GSLW 0XhSHq4wwkWGu//wJlO6bAzLrNYqv4XYv+HVtjBknihNTaRZlUn3snNmxFkR/U+hyv5ThI6j Yr/4wfSx+tmbIkLu85zNkQqnBHZ88mTXzAlRX1nWZafYXvUznGMeVT3/XfCsBr3nIn4NbJIl ulhV83LV4jCgNXDEJPv2yZ4EZ11VvTUKsLPsqTFPzL0CBKI23EdQC4JejIqkUQfPv0asUqct DHS5Prf63/oPHylknZk5lOKNhzYUnI30zFG3U7AEvZL6/LovSnKLR/3VsOAGsUbhC7fJ/Rhn nk/xN4FCHbxR1b26KaDOTLGjz2XuB3jpHtQNddGyACEbP90fbieK26omdCLVUVaOkdRAOier HRbcOTn32btmsRF+NidTnM1/+Mdp3aiZPCPPHWyz2Rb5SIaG/1HaNupGolWUBeiamnf/7v5h HM1rG5OzDeB/tfFhiVaJzfre/tUQibzHeuU9W9NzFuDE5i51PVBVGD8tUih+2YZWFI9jsXlp ySdxqHAHPXioU0Oow1I5+RurWdKT+04uRkIFeSzZj6Cj9bEKmwARAQABzTlFaW9uIE1hY0Rv bmFsZCAobWFjZWlvbmdtYWlsMjAxNjAyMDYpIDxtYWNlaW9uQGdtYWlsLmNvbT7CwXkEEwEC ACMFAla2f2QCGyMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB0Kz2KQSuP4UPsD/9A EcaR3iFiETILJsB83nzgISfKRnoueWKIKxtzZmn0Kb5ZTPGgHpTILuNCHMXOm5fmAz40JSnW OTtBFIlFlpY+jbgWv3IgltsY4/3gBTKyKtJ61W42v27LXBDvup9F4uWXBbjUv5qgRUj9lgkc Tbvo54e0rDzRogaNb9RP6QLEuk4oR6mCvYqANkKnymeQg+D/BRtQk2vcs97tBYr2YgczMkcc cxiv9QbEcapsTYF6GW8twnfvlSSHDmNJ6/KQgbJLfwZOX6G9PdxoVjAkor+fv1MuHq6Wzm2i EPmkFjMgGXc0AOsthQK4XTlJ9huF0lamGz0kaa6eH82eSvZkG6KCXRgDssaQr3OYUyvhXrff nUQMMJ2YwlmspzBLNYNJeRxOm9GUzRbY+cGjE8gnOyJ8v+2p0T697pa1QH9QmiMMG2DMoCbG Z859dclytUIG8aHN4YGtdATrtT3ZwMSMymF+KGzM9kG3MIli0f8HqKSWOdXYL62StDXwVeTu m4wbCk1GSUVrZepf7l+K6cBc9CZTAu6GEer4gm4Ph2Qez6pnUBiS1Db+kFRswPNun7ihmiw4 TF6s3izuPvEOugHVnS564vFptjyxlTNicEApUcPsu3+IvYiFkJudTEHHYSyJNQ0/RKELJwOB eK8PKE+peEivJWTECNGBJZCNl8CkiDQNF87BTQRWtn9kARAA4bR3/iRZ6IPOKkoKoBBpMWn0 y46RW6aJdCroc0/lYfMgTm4jRowzIapkoGEAgi+HK5HWRR02io0FoA5NFrAvVXG+bPNdmqYv 0CDRNB9Ni7bhMoAEgrTLzC+UE7ZcNSPUUyFVnhgZs8ELKbjqDuHtgfJFhpy80WX6A9W+Serm R16T/ltroRQ93Zl36VFWX2mcHP/yehxRSHQBeasYExlGxWb6OuJDrXaKJXzSK2yM8CocmVNM mFrK9AL0TCUlGQvlBIySV2mAnVsGxVnqrl+QNBnBi19NOozc3Y8hL4FjqmwtNwU8e5Ulmbh/ tcFQGqzijg9ZvJ22kShNUcUo9ezt0SW95brFj+VwepDcUwFhnBUGiAA24Iz2hl7cp6KDKQke q/IEYy1lYP1+B8UCBvfwu++1X6kVCz7Y/f7gNTyrjDGJYLNPVy/cp2Lb8Vc9OxK6DSVeRFt+ c9n3J74MMXoAM7jXIQcj/pHdc4eyhoJAtosBsTs6ROd0mlW2/iimuAg2oN1r4tUeQCBP9jk/ xwATrW10mkP6pHrUtEWCXTrFybVj9PRSauM9wCNySlq/Im7NtIBrPRcrnste+Jru/LWo51xg XMU12XvD/nq20ankvZj2V1m4DlwA4CaaCWuhPaIvJ/BvdTq5eHZbCwkaJQwCMWmKKr/N4QJt OdF4eeMOqscAEQEAAcLBXwQYAQIACQUCVrZ/ZAIbDAAKCRB0Kz2KQSuP4WHOD/4qsPq/eAMj vvzAM6GZniK48UDgyLghdA3zr0YmeZDipGcCJu46WHpKGeoR1pSZBloiO9N/oiVjoV8ll+uZ bxGYlKH5muKGZd33Yfo8AGeI9mSGGTMSbL1UjSvDuf/njL2NIlIQVXzRoOp9W46HECNpq4bT 7yFW0PhqKYEwirHJ3iKy+gBrmzakLP8FFJaFsPND5SQU/tiMLZqFBkK/DtsgA6t8/LJAOz7u TGpSbSUKlYZAvDv4rFrhe21BTCkMn2jKoiIzcNreqd7LhWLvGnYTsju1g7LfOZaUvR6Ump5P YLzClzCN7aFHNQMBc/n1B20/8jfKAGPK08KrSn4l9zpgpzp9WgH7pCYRYcGBBoy2kE7PikIR zEP8tG+UPUZryQyrJYMk3qz55d5OaC4frK++uX9IiBSctMoV7bcXEX1gDuVyw3XAGPjyKyWo 1IDmZ4wm6lnmgpifKeyq0M8WxqLyFb6Uw8qtDyqSbryDEqMxL9ssiPvwNQ0WWdMj4au8Oo9/ eetY2D79k+Fhctiy7+kVT2YsYtXXfQdjhW2dGWtG2Jp1YlUd4LHjtwWgoc23MMEc8uGJjyCw pWBTojteGRB6FJM2jeY4PGDQC5I0ford1j+m4A/9sAMu+c14YeYYeyDEXc+t820g1HNKIW65 01PoJ9qVY82qFyqfZPMpvJBzTQ==
- Content-language: en-GB
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1586423162; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:In-Reply-To:MIME-Version:Date:Message-ID:From:References:To: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=nPKOahpoQg9QoeZY0temdn3NTJKbRhEm9E44vVzKSog=; b=uFe7cThkwPI4YuRieHbVidIKNc UVOZXleZaL4yMD9F+MQF4rrQRm/KoIxe3u/Rms9P0bFMITKkOORBjJWn+nzNJO0L5KCmppaYjbZPo aPFeBuZNQJuAlSpXzgq9IliHIrs+myRzZVzZTUNmYXUP9MBDoY0Rz5lv+oQG7WDVsSyA=;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:autocrypt:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=ycSyX84+npxiIp9gi+qerNSfBllCt6YjyR5ksloNTY4=; b=UAz8zSaluxHAjBusRtSDp5i0JX7HaMZ/dUeehtfpw/m2F6K7tzv3leMuAJ+zBLkgQR CvTpcXc2+CknxBTpmK3d5irxJQS3yfygY7NtCUBtmOnLvjDOwShLIGOX2zcn0ye2h75r vgORjuxkDq6FrcnAUAdRJDuCbUa8mGBD3mgzBeNwQcj9nzykbLTEyko5h0xCXS3rwz7A MvO+n3wutIpNOB5USrFiQSA4BJCfK5UeHnftCgiw+pU1bu46yEcBLPmbaEBjD5gsK2GY O29/+Qfs3x9kQ3t84jKv/KlFtvLCm2Kok7c836CZ0iU1IKLeuZ+0nIJ0nZGbNb0cb7eK lFcw==
On 08/08/2020 17:23, comrade meowski wrote:
> On 08/08/2020 17:00, maceion@xxxxxxxxx wrote:
>> To DCGLUG members
>> Public Key Servers.
>> 20200808 Some time ago, when I queried a public key (expired), I was
>> given a site from to download it; with comments about key servers being
>> unreliable.
>>
>> While researching a matter for a PRC friend, I came across the Beijing
>> LUG.
>> Interestingly their warrant canary shows a lot of stuff about obtaining
>> correct key from key servers to check their warrant canary signers.
>>
>> I read and learnt some things. (PS I checked one key,
>> PPS They are very wary about membership and check in person before
>> joining and if members asked to show smartphone Corvid-19 tracer, which
>> can give location history, they abandon indoor meeting (usually a cafe
>> with WiFi announced on morning of meeting) and meet in open air
>>
>> Any comment from you knowledgeable folk about key servers?
>
> Yeah, proper security is hard even if you know what you're doing.
>
> Hardly surprising considering the level of their chief "enemy" is full
> on Nation State but the BLUG are having a pretty good go at it, I'm
> impressed. I'm sure your friend knows this all too well but when the
> adversary is more than capable of disappearing people off the streets
> it's gonna take a lot more than a warrant canary and some PGP keys to
> keep them out of trouble.
>
> It's not difficult to compromise key signers and warrant holders if
> you're prepared to literally hold a gun to someone's head...
>
Yes, all understood as cartoon
https://xkcd.com/538/
They assume as basic undertaking all is compromised , but they stick out
as the do not use WeChat or QQ.
--
regards
Eion MacDonald
--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
