Keyservers and Spam

Greg Rose ggr at qualcomm.com
Tue Jun 10 12:47:48 EDT 2003 

At 04:54 PM 6/10/2003 +0100, Jill.Ramonsky at Aculab.com wrote:

> > -----Original Message-----
> > From: David Honig
> > Sent: Monday, June 09, 2003 6:42 PM
> > To: Jill.Ramonsky at Aculab.com; cryptography at metzdowd.com
> > Subject: Re: Keyservers and Spam
> >
> > Why not publish your key under a bogus name that goes no-where?
>
>The answer is simple. I cannot publish a PGP under a false name, because if
>I did, who would sign it to attest that the genuinely did belong to the
>person to whom it claimed to belong? Would you?
>
>If _anyone_ signed a key with a bogus name on it, and got found out, then
>_their_ credibility as a key-signer would go down the plug-hole, which in
>turn would mean that PGP users would decrease their trust in the key of the
>signer, which in turn would mean that any OTHER key signed by that signer
>would immediately become less trusted.

I have to partially disagree, in the area of well known pseudonyms. Why 
would you want to contact someone you've never actually met? Because of 
their reputation, that's why. So what if the name by which you know them is 
fake, in the sense of not being the one on their driver's license? Like, 
for example, Mudge, Hobbit, Lucky Green, Black Unicorn. Three of whose keys 
I have signed in good faith, to attest that if you trust me, and send mail 
to one of those, it will get to the individual you thought it would get to, 
even though you don't know their name. Did that make sense?

That still doesn't solve your fundamental problem, though... I bet they all 
get spam.

>I have had to my original question suggest that there simply _is_ no
>solution, except live with it. Either don't publish your key (which means
>that no-one can find your key even if they have a priori knowledge of your
>email address), or do (and accept the price in spam). This seems to be the
>reality of how it is. This being the case, I am now starting to wonder if it
>might be time to invent a new PGP keyserver protocol which addresses this
>issue. Keyservers could then start to implement the new protocol, and, in
>time, the problem would be solved. Does this make sense? Is this reasonable?

There's a relatively simple hack that helps in this context; have the 
keyserver refuse to return more than some small number of keys for any 
query. If I ask for the keys of all the "Jill"s, it'll say "too many... 
refine search". (There are 252 on us.pgp.net.) If I ask for "Ramonsky" 
it'll hopefully return just a couple (or in this case none). It should 
refuse too many requests in a row from a single source. By the time a 
spammer with a list of common names gets around this with either a long, 
slow attack, or a distributed attack, much of the value will have gone out 
of it for them.

Greg.

Greg Rose                                       INTERNET: ggr at qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list