Protecting OpenPGP keyservers from certificate flooding

Speaker: Gunnar Wolf

Track: Security

Type: Short talk (20 minutes)

Room: Somin

Time: Jul 30 (Tue): 15:00

Duration: 0:20

At DebConf22, I presented my PhD project proposal, «OpenPGP Web-of-Trust: A way forward?». The main issue I decided to tackle was the prevention of certificate flooding attacks.

Two years later, I researched, implemented and experimented, and want to share the results of my work with one of the largest OpenPGP user community in the world, the Debian project.

The talk I will present brings forward the possibility of changing the protocol under which OpenPGP key certifications is performed, by requiring new signatures to be added to public keys (certificate chains) only by their owner, proving this by the means of an attestation.