Withdrawal of Service - keys.flanga.io

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
32 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Withdrawal of Service - keys.flanga.io

Moritz Wirth-2
Hello,

keys.flanga.io will cease operation - we received a request to remove
some keys and since we are unable to do this, we will shutdown all
keyservers and erase all relevant databases immediately.

Best Regards,

Moritz



_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (876 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Georg Faerber
Hi,

On 18-11-15 23:56:07, Moritz Wirth wrote:
> keys.flanga.io will cease operation - we received a request to remove
> some keys and since we are unable to do this, we will shutdown all
> keyservers and erase all relevant databases immediately.

Would it be possible to share this request, omitting sensitive details?

Cheers,
Georg

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Fabian A. Santiago
Wow! I’d love to see that as well. 

I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way. 

--

Thanks,

Fabian S.

OpenPGP:

0x643082042DC83E6D94B86C405E3DAA18A1C22D8F


On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrote:


Hi,

On 18-11-15 23:56:07, Moritz Wirth wrote:
> keys.flanga.io will cease operation - we received a request to remove
> some keys and since we are unable to do this, we will shutdown all
> keyservers and erase all relevant databases immediately.

Would it be possible to share this request, omitting sensitive details?

Cheers,
Georg



_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Kristian Fiskerstrand-6
On 11/16/18 12:23 AM, Fabian A. Santiago wrote:
> Wow! I’d love to see that as well. 
>
> I just saw Kristian’s post with his email exchange. It’s a shame the
> situation is going down like this. I do hope a proper solution can be
> found so I and hopefully others can return to contributing to the
> network, should the mode of operation dictate and stay this way.

sadly we've had this situation happening several times in the past as
well, the GDPR rules aren't actually novel in Europe. There is however a
lot of FUD involved in it, and the actual legal action for a keyserver
to be shut down has yet to be seen (in a non-voluntary basis). I'm happy
to stay up for a while until we see any actual legal challenge to it.

In any case, the discussions we've seen lately aren't really about
security; nor really about privacy; they are about argumentum ad hominem
against the operators of the traditional keyserver network, in favor of
alternative communication channels and in particular certificate
authorities in the form of "validating keyservers". I don't care much
for them for various reasons, but I also don't mind them being a part of
the ecosystem (as long as users understand their position).

--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"Expect the best. Prepare for the worst. Capitalize on what comes."
(Zig Ziglar)

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
In reply to this post by Fabian A. Santiago
Fabian, im sure you can tell that nothings going to change :(

But maybe these shutdowns in protest will provoke change, before its too late?

On Thu, 15 Nov 2018 23:23:43 +0000
"Fabian A. Santiago" <[hidden email]> wrote:

> Wow! I’d love to see that as well.
>
> I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way.
>
> --
>
> Thanks,
>
> Fabian S.
>
> OpenPGP:
>
> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
>
> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrote:
>
> > Hi,
> >
> > On 18-11-15 23:56:07, Moritz Wirth wrote:
> >> keys.flanga.io will cease operation - we received a request to remove
> >> some keys and since we are unable to do this, we will shutdown all
> >> keyservers and erase all relevant databases immediately.
> >
> > Would it be possible to share this request, omitting sensitive details?
> >
> > Cheers,
> > Georg

--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
In reply to this post by Kristian Fiskerstrand-6
You seem to side step everytime. The keyserver software is broken, and isnt being fixed, and is proving unstable.

You have gotten complaints from admins about it and some have shutdown their servers because of it.
Why is nothing being done to fix these issues?

Each admin is legally at risk both from copyright material ending up on the servers they run and the GDPR.

Do you recommend to just ignore this?


On Fri, 16 Nov 2018 00:29:21 +0100
Kristian Fiskerstrand <[hidden email]> wrote:

> On 11/16/18 12:23 AM, Fabian A. Santiago wrote:
> > Wow! I’d love to see that as well. 
> >
> > I just saw Kristian’s post with his email exchange. It’s a shame the
> > situation is going down like this. I do hope a proper solution can be
> > found so I and hopefully others can return to contributing to the
> > network, should the mode of operation dictate and stay this way.
>
> sadly we've had this situation happening several times in the past as
> well, the GDPR rules aren't actually novel in Europe. There is however a
> lot of FUD involved in it, and the actual legal action for a keyserver
> to be shut down has yet to be seen (in a non-voluntary basis). I'm happy
> to stay up for a while until we see any actual legal challenge to it.
>
> In any case, the discussions we've seen lately aren't really about
> security; nor really about privacy; they are about argumentum ad hominem
> against the operators of the traditional keyserver network, in favor of
> alternative communication channels and in particular certificate
> authorities in the form of "validating keyservers". I don't care much
> for them for various reasons, but I also don't mind them being a part of
> the ecosystem (as long as users understand their position).
>
> --
> ----------------------------
> Kristian Fiskerstrand
> Blog: https://blog.sumptuouscapital.com
> Twitter: @krifisk
> ----------------------------
> Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
> ----------------------------
> "Expect the best. Prepare for the worst. Capitalize on what comes."
> (Zig Ziglar)
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/sks-devel


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
Actually a really simple copyright issue one of my friends had the missfortune to encounter was using an image that was copyrighted on his website, he didnt really understand how this works and ended up with a 5,000 euro fine that he legally could not get out of.

Now apply that to the sks keyservers, doesnt take much to figure out how horribly wrong that could go for an admin.
Because in the eyes of the law its the admin thats responsible!

On Fri, 16 Nov 2018 00:40:39 +0100
Mike <[hidden email]> wrote:

> You seem to side step everytime. The keyserver software is broken, and isnt being fixed, and is proving unstable.
>
> You have gotten complaints from admins about it and some have shutdown their servers because of it.
> Why is nothing being done to fix these issues?
>
> Each admin is legally at risk both from copyright material ending up on the servers they run and the GDPR.
>
> Do you recommend to just ignore this?
>
>
> On Fri, 16 Nov 2018 00:29:21 +0100
> Kristian Fiskerstrand <[hidden email]> wrote:
>
> > On 11/16/18 12:23 AM, Fabian A. Santiago wrote:
> > > Wow! I’d love to see that as well. 
> > >
> > > I just saw Kristian’s post with his email exchange. It’s a shame the
> > > situation is going down like this. I do hope a proper solution can be
> > > found so I and hopefully others can return to contributing to the
> > > network, should the mode of operation dictate and stay this way.
> >
> > sadly we've had this situation happening several times in the past as
> > well, the GDPR rules aren't actually novel in Europe. There is however a
> > lot of FUD involved in it, and the actual legal action for a keyserver
> > to be shut down has yet to be seen (in a non-voluntary basis). I'm happy
> > to stay up for a while until we see any actual legal challenge to it.
> >
> > In any case, the discussions we've seen lately aren't really about
> > security; nor really about privacy; they are about argumentum ad hominem
> > against the operators of the traditional keyserver network, in favor of
> > alternative communication channels and in particular certificate
> > authorities in the form of "validating keyservers". I don't care much
> > for them for various reasons, but I also don't mind them being a part of
> > the ecosystem (as long as users understand their position).
> >
> > --
> > ----------------------------
> > Kristian Fiskerstrand
> > Blog: https://blog.sumptuouscapital.com
> > Twitter: @krifisk
> > ----------------------------
> > Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
> > fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
> > ----------------------------
> > "Expect the best. Prepare for the worst. Capitalize on what comes."
> > (Zig Ziglar)
> >
> > _______________________________________________
> > Sks-devel mailing list
> > [hidden email]
> > https://lists.nongnu.org/mailman/listinfo/sks-devel
>
>
> --
> me <[hidden email]>
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/sks-devel


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Moritz Wirth-2
In reply to this post by stuff
I asked to be allowed to share some more details, however the request
was to remove/prevent indexing of 2 keys stored on our keyservers -
including copies of ID's to verify the request as required by the
european data protection law. Since it is not possible to prevent the
indexing of data, I think the only possible way to handle this request
is to shut them down. I don't see a reason to fight this - it is the
right of someone to get his/her data removed so we are required to do
this regardless of how crappy that law might be. If someone decides to
ignore it, it's up on them.

Am 16.11.18 um 00:31 schrieb Mike:

> Fabian, im sure you can tell that nothings going to change :(
>
> But maybe these shutdowns in protest will provoke change, before its too late?
>
> On Thu, 15 Nov 2018 23:23:43 +0000
> "Fabian A. Santiago" <[hidden email]> wrote:
>
>> Wow! I’d love to see that as well.
>>
>> I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way.
>>
>> --
>>
>> Thanks,
>>
>> Fabian S.
>>
>> OpenPGP:
>>
>> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
>>
>> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrote:
>>
>>> Hi,
>>>
>>> On 18-11-15 23:56:07, Moritz Wirth wrote:
>>>> keys.flanga.io will cease operation - we received a request to remove
>>>> some keys and since we are unable to do this, we will shutdown all
>>>> keyservers and erase all relevant databases immediately.
>>> Would it be possible to share this request, omitting sensitive details?
>>>
>>> Cheers,
>>> Georg

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (876 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Fabian A. Santiago
Yeh I don’t agree with the stance “we haven’t seen a shutdown via legal challenge yet so I’m happy to just hang and wait and see what happens...”. Sorry but many people running keyservers aren’t businesses but rather private individuals and can not afford to risk ANY possible legal action. Once you hear from an attorney, the stakes go up and that’s too much a risk to bear. 

--

Thanks,

Fabian S.

OpenPGP:

0x643082042DC83E6D94B86C405E3DAA18A1C22D8F


On Thu, Nov 15, 2018 at 6:50 PM, Moritz Wirth <[hidden email]> wrote:


I asked to be allowed to share some more details, however the request
was to remove/prevent indexing of 2 keys stored on our keyservers -
including copies of ID's to verify the request as required by the
european data protection law. Since it is not possible to prevent the
indexing of data, I think the only possible way to handle this request
is to shut them down. I don't see a reason to fight this - it is the
right of someone to get his/her data removed so we are required to do
this regardless of how crappy that law might be. If someone decides to
ignore it, it's up on them.

Am 16.11.18 um 00:31 schrieb Mike:

> Fabian, im sure you can tell that nothings going to change :(
>
> But maybe these shutdowns in protest will provoke change, before its to=
o late?
>
> On Thu, 15 Nov 2018 23:23:43 +0000
> "Fabian A. Santiago" <[hidden email]> wrote:
>
>> Wow! I=E2=80=99d love to see that as well.
>>
>> I just saw Kristian=E2=80=99s post with his email exchange. It=E2=80=99=
s a shame the situation is going down like this. I do hope a proper solut=
ion can be found so I and hopefully others can return to contributing to =
the network, should the mode of operation dictate and stay this way.

>>
>> --
>>
>> Thanks,
>>
>> Fabian S.
>>
>> OpenPGP:
>>
>> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
>>
>> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrot=
e:
>>
>>> Hi,
>>>
>>> On 18-11-15 23:56:07, Moritz Wirth wrote:
>>>> keys.flanga.io will cease operation - we received a request to remov=
e
>>>> some keys and since we are unable to do this, we will shutdown all
>>>> keyservers and erase all relevant databases immediately.
>>> Would it be possible to share this request, omitting sensitive detail=
s?
>>>
>>> Cheers,
>>> Georg





_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
In reply to this post by Moritz Wirth-2
Moritz you did the right thing!

A lot of people consider the GDPR crappy only because it inconveniences them.
This law is actually extremely useful and greatly overdue.


On Fri, 16 Nov 2018 00:50:31 +0100
Moritz Wirth <[hidden email]> wrote:

> I asked to be allowed to share some more details, however the request
> was to remove/prevent indexing of 2 keys stored on our keyservers -
> including copies of ID's to verify the request as required by the
> european data protection law. Since it is not possible to prevent the
> indexing of data, I think the only possible way to handle this request
> is to shut them down. I don't see a reason to fight this - it is the
> right of someone to get his/her data removed so we are required to do
> this regardless of how crappy that law might be. If someone decides to
> ignore it, it's up on them.
>
> Am 16.11.18 um 00:31 schrieb Mike:
>
> > Fabian, im sure you can tell that nothings going to change :(
> >
> > But maybe these shutdowns in protest will provoke change, before its too late?
> >
> > On Thu, 15 Nov 2018 23:23:43 +0000
> > "Fabian A. Santiago" <[hidden email]> wrote:
> >
> >> Wow! I’d love to see that as well.
> >>
> >> I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way.
> >>
> >> --
> >>
> >> Thanks,
> >>
> >> Fabian S.
> >>
> >> OpenPGP:
> >>
> >> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
> >>
> >> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrote:
> >>
> >>> Hi,
> >>>
> >>> On 18-11-15 23:56:07, Moritz Wirth wrote:
> >>>> keys.flanga.io will cease operation - we received a request to remove
> >>>> some keys and since we are unable to do this, we will shutdown all
> >>>> keyservers and erase all relevant databases immediately.
> >>> Would it be possible to share this request, omitting sensitive details?
> >>>
> >>> Cheers,
> >>> Georg
>


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
In reply to this post by Fabian A. Santiago
This has Been Kristians approach to previous issues like this, and this has led to now. where the servers have not changed, that neglect now ruins it for everyone else and even puts the admins at risk of financial and legal damage, as you mentioned most cant afford to take that risk.

yakamo

On Thu, 15 Nov 2018 23:56:26 +0000
"Fabian A. Santiago" <[hidden email]> wrote:

> Yeh I don’t agree with the stance “we haven’t seen a shutdown via legal challenge yet so I’m happy to just hang and wait and see what happens...”. Sorry but many people running keyservers aren’t businesses but rather private individuals and can not afford to risk ANY possible legal action. Once you hear from an attorney, the stakes go up and that’s too much a risk to bear.
>
> --
>
> Thanks,
>
> Fabian S.
>
> OpenPGP:
>
> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
>
> On Thu, Nov 15, 2018 at 6:50 PM, Moritz Wirth <[hidden email]> wrote:
>
> > I asked to be allowed to share some more details, however the request
> > was to remove/prevent indexing of 2 keys stored on our keyservers -
> > including copies of ID's to verify the request as required by the
> > european data protection law. Since it is not possible to prevent the
> > indexing of data, I think the only possible way to handle this request
> > is to shut them down. I don't see a reason to fight this - it is the
> > right of someone to get his/her data removed so we are required to do
> > this regardless of how crappy that law might be. If someone decides to
> > ignore it, it's up on them.
> >
> > Am 16.11.18 um 00:31 schrieb Mike:
> >
> >> Fabian, im sure you can tell that nothings going to change :(
> >>
> >> But maybe these shutdowns in protest will provoke change, before its to=
> > o late?
> >>
> >> On Thu, 15 Nov 2018 23:23:43 +0000
> >> "Fabian A. Santiago" <[hidden email]> wrote:
> >>
> >>> Wow! I=E2=80=99d love to see that as well.
> >>>
> >>> I just saw Kristian=E2=80=99s post with his email exchange. It=E2=80=99=
> > s a shame the situation is going down like this. I do hope a proper solut=
> > ion can be found so I and hopefully others can return to contributing to =
> > the network, should the mode of operation dictate and stay this way.
> >>>
> >>> --
> >>>
> >>> Thanks,
> >>>
> >>> Fabian S.
> >>>
> >>> OpenPGP:
> >>>
> >>> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
> >>>
> >>> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrot=
> > e:
> >>>
> >>>> Hi,
> >>>>
> >>>> On 18-11-15 23:56:07, Moritz Wirth wrote:
> >>>>> keys.flanga.io will cease operation - we received a request to remov=
> > e
> >>>>> some keys and since we are unable to do this, we will shutdown all
> >>>>> keyservers and erase all relevant databases immediately.
> >>>> Would it be possible to share this request, omitting sensitive detail=
> > s?
> >>>>
> >>>> Cheers,
> >>>> Georg

--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Matthew Walster
On Fri, 16 Nov 2018, 08:09 Mike <[hidden email] wrote:
This has Been Kristians approach to previous issues like this, and this has led to now. where the servers have not changed, that neglect now ruins it for everyone else and even puts the admins at risk of financial and legal damage, as you mentioned most cant afford to take that risk.

Mike, to be clear, many of us are shutting down because of people like you, not actual problems.

You fundamentally do not understand what you are talking about, you are causing mischief just because it makes you feel important, and your "journalistic" style is abhorrent.

Almost all the problems that the SKS network has are far worse in any of the distributed Merkle-like cryptocurrencies or even systems like git or mercurial for that matter (though those aren't quite as automatic).

It is you and your ilk that has ruined this, and Kristian has been nothing but open, transparent, and patient with inquisitors, with little to no thanks in return.

M

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
Your welcome to blame others for the servers issues.

I and others have pointed out many times over the issues and no one has fixed them.
Rather than blame me, take responsibility for the servers failings, for the developers failings.

Decent and good developers take bugs and fix them and ensure the ongoing survival of their software, not blame them on the people who found them and exposed them!

Your basicly saying we should be able to have weak software and bad people shouldnt do bad things, thats not how the world works. Take some responsibility!!!

And im not a journalist!

On Fri, 16 Nov 2018 08:30:08 +0800
Matthew Walster <[hidden email]> wrote:

> On Fri, 16 Nov 2018, 08:09 Mike <[hidden email] wrote:
>
> > This has Been Kristians approach to previous issues like this, and this
> > has led to now. where the servers have not changed, that neglect now ruins
> > it for everyone else and even puts the admins at risk of financial and
> > legal damage, as you mentioned most cant afford to take that risk.
> >
>
> Mike, to be clear, many of us are shutting down because of people like you,
> not actual problems.
>
> You fundamentally do not understand what you are talking about, you are
> causing mischief just because it makes you feel important, and your
> "journalistic" style is abhorrent.
>
> Almost all the problems that the SKS network has are far worse in any of
> the distributed Merkle-like cryptocurrencies or even systems like git or
> mercurial for that matter (though those aren't quite as automatic).
>
> It is you and your ilk that has ruined this, and Kristian has been nothing
> but open, transparent, and patient with inquisitors, with little to no
> thanks in return.
>
> M
>
> >


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Moritz Wirth-2
In reply to this post by stuff
Also some personal words - this is not meant to judge or criticize
anyone but rather to express my own feelings and opinions about SKS
within the last months.

- The fact that most (all?) vulnerabilities inside SKS are known for a
very long time and have not been fixed is deeply concerning - for
example I really don't see any reason how a reasonable size limit of a
single key would have censored anybody - but it would have prevented
many keyservers from constantly becoming unresponsive as well as high
traffic and resource consumption (we spent 2.4 TB on peering over the
last 2 months). Just ignoring it because it still works somehow is
frustrating at best and desasterours at worst.
- GDPR is not really a new thing and it was already in place 2 years
before it actually became relevant. Instead of waiting until someone
uploads data relevant enough to get it removeed by a court, a simple
remove list would not have been a big deal.
- keys.flanga.io got kicked out of the pool around 3-4 months ago - the
initial response to this was about some missing Header files - my
request to check again was simply not answered. As I found out, it was
excluded due to "unrecognized server version" - it is true that we were
running our own implementation for a while - however this was not the
case for keys.flanga.io. Kicking it out is one thing (and comitting that
change 2 months later so I was finally able to see why), not responding
instead of resolving the issue is another - but no offense (we all
forget things :) ).
- Though SKS keyservers are not meant to be trusted, people still trust
in the reliability of it as a service. Therefore, it should be operated
and handled in that way - a roundrobin that is checked and updated every
hour when all 5 keyservers can be killed within seconds is not something
that I would consider reliable.

Best Regards,

Am 16.11.18 um 00:59 schrieb Mike:

> Moritz you did the right thing!
>
> A lot of people consider the GDPR crappy only because it inconveniences them.
> This law is actually extremely useful and greatly overdue.
>
>
> On Fri, 16 Nov 2018 00:50:31 +0100
> Moritz Wirth <[hidden email]> wrote:
>
>> I asked to be allowed to share some more details, however the request
>> was to remove/prevent indexing of 2 keys stored on our keyservers -
>> including copies of ID's to verify the request as required by the
>> european data protection law. Since it is not possible to prevent the
>> indexing of data, I think the only possible way to handle this request
>> is to shut them down. I don't see a reason to fight this - it is the
>> right of someone to get his/her data removed so we are required to do
>> this regardless of how crappy that law might be. If someone decides to
>> ignore it, it's up on them.
>>
>> Am 16.11.18 um 00:31 schrieb Mike:
>>
>>> Fabian, im sure you can tell that nothings going to change :(
>>>
>>> But maybe these shutdowns in protest will provoke change, before its too late?
>>>
>>> On Thu, 15 Nov 2018 23:23:43 +0000
>>> "Fabian A. Santiago" <[hidden email]> wrote:
>>>
>>>> Wow! I’d love to see that as well.
>>>>
>>>> I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way.
>>>>
>>>> --
>>>>
>>>> Thanks,
>>>>
>>>> Fabian S.
>>>>
>>>> OpenPGP:
>>>>
>>>> 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F
>>>>
>>>> On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <[hidden email]> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> On 18-11-15 23:56:07, Moritz Wirth wrote:
>>>>>> keys.flanga.io will cease operation - we received a request to remove
>>>>>> some keys and since we are unable to do this, we will shutdown all
>>>>>> keyservers and erase all relevant databases immediately.
>>>>> Would it be possible to share this request, omitting sensitive details?
>>>>>
>>>>> Cheers,
>>>>> Georg
>


_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Matthew Walster
In reply to this post by stuff


On Fri, 16 Nov 2018, 08:36 Mike <[hidden email] wrote:
Your welcome to blame others for the servers issues.

I and others have pointed out many times over the issues and no one has fixed them.
Rather than blame me, take responsibility for the servers failings, for the developers failings.

You are more than welcome to submit patches (or even ideas for patches) if you want to help improve things. Screaming blue murder helps no-one.

Decent and good developers take bugs and fix them and ensure the ongoing survival of their software, not blame them on the people who found them and exposed them!

The software is not broken. It is performing as designed. The same side-effects are present in Bitcoin but I don't see you making deranged comments about that...

Your basicly saying we should be able to have weak software and bad people shouldnt do bad things, thats not how the world works. Take some responsibility!!!

That's not what anyone is saying. What are you, 12 years old?

And im not a journalist!

You wrote an article.

M

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
If i had the skill set needed to submit patches i would, but i don't.
But i do have a voice and that can be used to spur on change.

I wrote the articles because there is a clear ignorance here that your displaying really well, which is preventing things from getting fixed. Your clearly angry and not interested in resolving this issue through discussion. That ignorance is going to harm admins as Moritz Wirth and Fabian points out.

Can you say there's no risk to admins financially and legally, because of the poor design of the servers or do they work just fine and they have nothing to worry about?

If performing as designed means:
failing to deal with oversized keys and chewing up bandwidth and CPU cycles and causing servers to stop responding or the web interface to freeze or spit out garbage is a feature then ok.
or network instability then ok.

Mike :)

and if calling people children and being generally insulting is your thing your not really being constructive with this!


On Fri, 16 Nov 2018 08:45:06 +0800
Matthew Walster <[hidden email]> wrote:

> On Fri, 16 Nov 2018, 08:36 Mike <[hidden email] wrote:
>
> > Your welcome to blame others for the servers issues.
> >
> > I and others have pointed out many times over the issues and no one has
> > fixed them.
> > Rather than blame me, take responsibility for the servers failings, for
> > the developers failings.
> >
>
> You are more than welcome to submit patches (or even ideas for patches) if
> you want to help improve things. Screaming blue murder helps no-one.
>
> Decent and good developers take bugs and fix them and ensure the ongoing
> > survival of their software, not blame them on the people who found them and
> > exposed them!
> >
>
> The software is not broken. It is performing as designed. The same
> side-effects are present in Bitcoin but I don't see you making deranged
> comments about that...
>
> Your basicly saying we should be able to have weak software and bad people
> > shouldnt do bad things, thats not how the world works. Take some
> > responsibility!!!
> >
>
> That's not what anyone is saying. What are you, 12 years old?
>
> And im not a journalist!
> >
>
> You wrote an article.
>
> M
>
> >


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Matthew Walster


On Fri, 16 Nov 2018, 09:01 Mike <[hidden email] wrote:
If i had the skill set needed to submit patches i would, but i don't.
But i do have a voice and that can be used to spur on change.

<snip>

Good lord, Kristian, you have to deal with these people on a regular basis?

I haven't been part of the pool in quite a while now, but feel free to stop in for a beer if you're ever in Amsterdam ;)

M

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
And there goes the ignorance!

On Fri, 16 Nov 2018 09:08:02 +0800
Matthew Walster <[hidden email]> wrote:

> On Fri, 16 Nov 2018, 09:01 Mike <[hidden email] wrote:
>
> > If i had the skill set needed to submit patches i would, but i don't.
> > But i do have a voice and that can be used to spur on change.
> >
>
> <snip>
>
> Good lord, Kristian, you have to deal with these people on a regular basis?
>
> I haven't been part of the pool in quite a while now, but feel free to stop
> in for a beer if you're ever in Amsterdam ;)
>
> M
>
> >


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

Ryan Hunt-3
In reply to this post by stuff
Wait, you have the skillset to code attacks and spew articles yet, no capability for solutions? Smells like ignorance is your forte.

You seem to be under the impression that SKS has active developers working on it, the reason the “dev team” is quiet as per your “articles” is there is no friggin dev team, just some maintainers pushing merge requests from people hacking it a bit here and there to fix major problems that can be fixed and keep it compiling on modern systems.

There is nobody actively interested in the development required to re-archectect the SKS backend and infrastructure that had been running fine for a few decades now.. until you came along and made a big stink.. If you have a proposal for a new way of doing things, we’re all dying to hear it.

-Ryan


On Nov 15, 2018, at 6:01 PM, Mike <[hidden email]> wrote:

If i had the skill set needed to submit patches i would, but i don't.
But i do have a voice and that can be used to spur on change.

I wrote the articles because there is a clear ignorance here that your displaying really well, which is preventing things from getting fixed. Your clearly angry and not interested in resolving this issue through discussion. That ignorance is going to harm admins as Moritz Wirth and Fabian points out.

Can you say there's no risk to admins financially and legally, because of the poor design of the servers or do they work just fine and they have nothing to worry about?

If performing as designed means: 
failing to deal with oversized keys and chewing up bandwidth and CPU cycles and causing servers to stop responding or the web interface to freeze or spit out garbage is a feature then ok.
or network instability then ok.

Mike :)

and if calling people children and being generally insulting is your thing your not really being constructive with this!


On Fri, 16 Nov 2018 08:45:06 +0800
Matthew Walster <[hidden email]> wrote:

On Fri, 16 Nov 2018, 08:36 Mike <[hidden email] wrote:

Your welcome to blame others for the servers issues.

I and others have pointed out many times over the issues and no one has
fixed them.
Rather than blame me, take responsibility for the servers failings, for
the developers failings.


You are more than welcome to submit patches (or even ideas for patches) if
you want to help improve things. Screaming blue murder helps no-one.

Decent and good developers take bugs and fix them and ensure the ongoing
survival of their software, not blame them on the people who found them and
exposed them!


The software is not broken. It is performing as designed. The same
side-effects are present in Bitcoin but I don't see you making deranged
comments about that...

Your basicly saying we should be able to have weak software and bad people
shouldnt do bad things, thats not how the world works. Take some
responsibility!!!


That's not what anyone is saying. What are you, 12 years old?

And im not a journalist!


You wrote an article.

M




-- 
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel


_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of Service - keys.flanga.io

stuff
So you are angry that i and a few others have reported several bugs, to a system that we would like to see continue to exist?

It isn't an attack its a proof of concept to show that malicious people could do damage, this is to get a point across to prove there's an issue in hope someone fixes it as it has been ignored for years, im not the only one to write a proof of concept for the same issue. Yegor wrote a very very effect PoC and was ignored as well when he submitted the bug.

Should i or others not submit bugs that could be detrimental to the functioning of the network to get fixed, because this approach is very off putting. I guess people might think twice about reporting a bug to you!

And the PoC i wrote is pretty simple, in fact it can be made far more simple and dangerous, with little effort from someone with real coding skills!

And i have previously pointed out alternate solutions in a previous article, for example Keybase.io, i am not a fan but its certainly proving to be a way better option at the moment, and people are using it instead of the keyservers, or storing the keys on github or their website.

If there is no dev team, then maybe its time to call it a day instead of pretending everything is ok?


On Thu, 15 Nov 2018 18:12:14 -0700
Ryan Hunt <[hidden email]> wrote:

> Wait, you have the skillset to code attacks and spew articles yet, no capability for solutions? Smells like ignorance is your forte.
>
> You seem to be under the impression that SKS has active developers working on it, the reason the “dev team” is quiet as per your “articles” is there is no friggin dev team, just some maintainers pushing merge requests from people hacking it a bit here and there to fix major problems that can be fixed and keep it compiling on modern systems.
>
> There is nobody actively interested in the development required to re-archectect the SKS backend and infrastructure that had been running fine for a few decades now.. until you came along and made a big stink.. If you have a proposal for a new way of doing things, we’re all dying to hear it.
>
> -Ryan
>
>
> > On Nov 15, 2018, at 6:01 PM, Mike <[hidden email]> wrote:
> >
> > If i had the skill set needed to submit patches i would, but i don't.
> > But i do have a voice and that can be used to spur on change.
> >
> > I wrote the articles because there is a clear ignorance here that your displaying really well, which is preventing things from getting fixed. Your clearly angry and not interested in resolving this issue through discussion. That ignorance is going to harm admins as Moritz Wirth and Fabian points out.
> >
> > Can you say there's no risk to admins financially and legally, because of the poor design of the servers or do they work just fine and they have nothing to worry about?
> >
> > If performing as designed means:
> > failing to deal with oversized keys and chewing up bandwidth and CPU cycles and causing servers to stop responding or the web interface to freeze or spit out garbage is a feature then ok.
> > or network instability then ok.
> >
> > Mike :)
> >
> > and if calling people children and being generally insulting is your thing your not really being constructive with this!
> >
> >
> > On Fri, 16 Nov 2018 08:45:06 +0800
> > Matthew Walster <[hidden email] <mailto:[hidden email]>> wrote:
> >
> >> On Fri, 16 Nov 2018, 08:36 Mike <[hidden email] wrote:
> >>
> >>> Your welcome to blame others for the servers issues.
> >>>
> >>> I and others have pointed out many times over the issues and no one has
> >>> fixed them.
> >>> Rather than blame me, take responsibility for the servers failings, for
> >>> the developers failings.
> >>>
> >>
> >> You are more than welcome to submit patches (or even ideas for patches) if
> >> you want to help improve things. Screaming blue murder helps no-one.
> >>
> >> Decent and good developers take bugs and fix them and ensure the ongoing
> >>> survival of their software, not blame them on the people who found them and
> >>> exposed them!
> >>>
> >>
> >> The software is not broken. It is performing as designed. The same
> >> side-effects are present in Bitcoin but I don't see you making deranged
> >> comments about that...
> >>
> >> Your basicly saying we should be able to have weak software and bad people
> >>> shouldnt do bad things, thats not how the world works. Take some
> >>> responsibility!!!
> >>>
> >>
> >> That's not what anyone is saying. What are you, 12 years old?
> >>
> >> And im not a journalist!
> >>>
> >>
> >> You wrote an article.
> >>
> >> M
> >>
> >>>
> >
> >
> > --
> > me <[hidden email] <mailto:[hidden email]>>
> >
> > _______________________________________________
> > Sks-devel mailing list
> > [hidden email] <mailto:[hidden email]>
> > https://lists.nongnu.org/mailman/listinfo/sks-devel <https://lists.nongnu.org/mailman/listinfo/sks-devel>


--
me <[hidden email]>

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
12