SKS Keyserver Network Under Attack · GitHub

This seems bad: PGP-dependent Linux distro "upgrades become impossible because the authenticity of downloaded packages cannot be verified."


It's going to get worse. One thing we can consider is simply depending upon personal sites or keys published at places like @keybase

This has been working for myself and others for the time being. I'm seeing a bit of havoc out there.

Yah, I think it's going to be getting much worse.

Sign in to participate in the conversation is a private Mastodon instance. Contact the administrator to request an account.