
Just a heads up for users of GnuPG

Freehunter

I'm not an expert, just passing this along as a word of caution.

This is probably not a problem for casual users of GnuPG. Temporarily it would be advisable NOT to refresh certificates from the SKS keyserver network, particularly if your keyring has GnuPG contributors Robert J. Hansen (rjh) or Daniel Kahn Gillmor (dkg), who were victims of a certificate spamming attack.

Multiple 10s of thousands of certificates were added to possibly three prominent people's public certificates, which causes GnuPG to slow down or grind to a halt as it attempts to load or verify a certificate with this many attached certificates.

You can continue to use GnuPG and Enigmail, just don't refresh certificates from the SKS keyserver network.

If you do not have a recent backup of GnuPG and your keyring, trustdb, and other files, it would be a good time to make one.

More information at:

SKS Keyserver Network Under Attack · GitHub https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f

dkg's blog - OpenPGP Certificate Flooding https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html

Note, mention was made of switching to https://keys.openpgp.org/about/news#2019-06-12-launch , my impression is that it may not yet be fully compatible with GnuPG or Enigmail.

Moved - mod GC
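
Added example, not part of the original post: one way to see which certificates in a keyring carry an unusually large number of third-party certifications, the symptom the post describes. It parses the colon-delimited output of `gpg --list-sigs --with-colons`; the function names, the threshold and the sample listing (with made-up key IDs) are constructed for illustration.

```shell
#!/bin/sh
# flooded_keys THRESHOLD
# Reads `gpg --list-sigs --with-colons` output on stdin and prints
# "KEYID COUNT" for every primary key with more than THRESHOLD
# certifications made by other keys (self-signatures are not counted).
flooded_keys() {
    awk -F: -v max="$1" '
        # "pub" starts a new certificate; field 5 is its key ID.
        $1 == "pub" { key = $5; order[++n] = key }
        # "sig" is a signature; field 5 is the signer key ID.
        $1 == "sig" && key != "" && $5 != key { count[key]++ }
        END {
            for (i = 1; i <= n; i++)
                if (count[order[i]] + 0 > max + 0)
                    print order[i], count[order[i]]
        }
    '
}

# Constructed sample listing: key AAAA... has 3 third-party
# certifications, key BBBB... has 1. All key IDs are made up.
sample_listing() {
    cat <<'EOF'
pub:-:4096:1:AAAAAAAAAAAAAAAA:1400000000:::-:::scESC:
uid:-::::1400000000::::Constructed Key One:
sig:::1:AAAAAAAAAAAAAAAA:1400000000::::Constructed Key One:13x:
sig:::1:1111111111111111:1560000000::::[User ID not found]:10x:
sig:::1:2222222222222222:1560000000::::[User ID not found]:10x:
sig:::1:3333333333333333:1560000000::::[User ID not found]:10x:
sub:-:4096:1:AAAAAAAAAAAAAA01:1400000000::::::e:
sig:::1:AAAAAAAAAAAAAAAA:1400000000::::Constructed Key One:18x:
pub:-:4096:1:BBBBBBBBBBBBBBBB:1400000000:::-:::scESC:
uid:-::::1400000000::::Constructed Key Two:
sig:::1:BBBBBBBBBBBBBBBB:1400000000::::Constructed Key Two:13x:
sig:::1:1111111111111111:1560000000::::[User ID not found]:10x:
EOF
}

# Demo on the constructed listing with a threshold of 2.
sample_listing | flooded_keys 2   # prints: AAAAAAAAAAAAAAAA 3
```

On a real keyring the call would be `gpg --list-sigs --with-colons | flooded_keys 1000`, with the threshold chosen to suit; listing a keyring that already holds a flooded certificate can itself be slow.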