I consider the SKS Keyserver attack to just be further evidence supporting my opinion that immutable, append-only data-structures are absolutely inappropriate for social applications (which a keyserver is).
If your data store doesn't support deletes, it should be considered unsafe and not fit for purpose until proven otherwise.
I'm looking at you, Secure Scuttlebutt. Also, block-chains.
Imagine a similar spamming issue on a major Blockchain.
Wouldn't be that hard to imagine and the impact would be pretty severe.
@HerraBRE that's definitely an issue I've had with ssb. It's great for things like scientific research and world event documentation, but is a bit scary for opinions and commentary.
@HerraBRE Yep, that's what keys.openpgp.org is all about.
@djoerd They do but it's a fairly recent innovation and not fully adopted. See Autocrypt (which embeds keys in email messages) and https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-07 for a standard for fetching keys from web sites.