Jul 022019

GnuPG contributors Robert J. Hansen (rjh) and Daniel Kahn Gillmor (dkg) were victims of a certificate spamming attack over the past week. This attack exploited a defect in the OpenPGP protocol itself in order to “poison” rjh and dkg’s OpenPGP certificates. Anyone who attempts to import a poisoned certificate into a vulnerable OpenPGP installation will very likely break their installation in hard-to-debug ways. Poisoned certificates are already on the SKS keyserver network. There is no…

External feed Read More at the Source: https://lwn.net/Articles/792494/rss


Sorry, the comment form is closed at this time.