PGPkeys EU

@[email protected]
346 Followers
75 Following
219 Posts
PGPKeys.EU provides software and services for the #OpenPGP cryptography ecosystem.
websitehttps://spider.pgpkeys.eu
githubhttps://github.com/pgpkeys-eu
matrixhttps://matrix.to/#/%23openpgp-general%3Ainfosec.exchange
PGPkeys EUFeb 11

We are pleased to announce the release of Hockeypuck 2.3.2.

Hockeypuck 2.3.2 is primarily a bugfix release to revert a cryptographic policy default in go 1.24 that rendered some historical keys unverifiable. It also fixes some papercuts in the build process and improves the efficiency of database cleanup.

* Permit small RSA keys (reverts go 1.24 policy to that of 1.23)
* Clean more than one database entry per hashquery
* Use apt-get instead of apt in build scripts
* Match go patch versions between Dockrfile and go.mod

There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers.

Release notes can be found at https://github.com/hockeypuck/hockeypuck/releases/tag/2.3.2

Hockeypuck 2.3 development is kindly supported by @NGIZero Core

----

Hockeypuck is a modern synchronising #OpenPGP #keyserver that is optimised for ease of deployment, particularly in containerised environments via docker-compose.

https://
hockeypuck.io/
https://
github.com/hockeypuck/hockeypuck

PGPkeys EUJan 25

We are pleased to announce the release of Hockeypuck 2.3.1.

Hockeypuck 2.3.1 is primarily a bugfix and maintenance release:

* Fix broken delete-keys helper script
* Bumped dependencies and refactored redundant code paths
* Improved PKS support
* Config parameter to increase the number of results returned from a search

There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers.

Release notes can be found at https://
github.com/hockeypuck/hockeypuck/releases/tag/2.3.1

Hockeypuck 2.3 development is kindly supported by @NGIZero Core

----

Hockeypuck is a modern synchronising #OpenPGP #keyserver that is optimised for ease of deployment, particularly in containerised environments via docker-compose.

https://hockeypuck.io/
https://github.com/hockeypuck/hockeypuck

Hockeypuck

PGPkeys EUDec 28
Show threadHeikoDec 27

@upofadown If you want to talk about "vindictive incompatibility", a better example of that is the absolutely bizarre decision of #GnuPG to break away from https://datatracker.ietf.org/doc/draft-ietf-openpgp-pqc/

GnuPG forked that draft with barely a pretense of an actual reason, and is now seemingly trying to speedrun a rollout of that incompatible non-IETF #PQC format (including by apparently trying to nudge people to switch to the 2.5.x series by avoiding tagging new releases in the 2.4 series)

Post-Quantum Cryptography in OpenPGP

This document defines a post-quantum public key algorithm extension for the OpenPGP protocol, extending [RFC9580]. Given the generally assumed threat of a cryptographically relevant quantum computer, this extension provides a basis for long-term secure OpenPGP signatures and ciphertexts. Specifically, it defines composite public key encryption based on ML-KEM (formerly CRYSTALS-Kyber), composite public key signatures based on ML-DSA (formerly CRYSTALS-Dilithium), both in combination with elliptic curve cryptography, and SLH-DSA (formerly SPHINCS+) as a standalone public key signature scheme.

IETF Datatracker
PGPkeys EUDec 26
DD9JNDec 26
https://www.gnupg.org/blog/20251226-cleartext-signatures.html
Cleartext Signatures Considered Harmful

PGPkeys EUDec 13
Delta ChatDec 13

On this day, two years ago, we published the first chatmail relay, https://delta.chat/en/2023-12-13-chatmail along with templates to replicate the setup, without needing any permission. Two weeks ago we thought there are 60 relays when a hacker handed in a 100+ list ๐Ÿ˜‚
A bunch of knowledgeable folks are now maintaining track of health of the evolving global network, and supporting new operators. ๐Ÿ’œ๐Ÿ’ฅ๐Ÿ–ค

thx also for all the support here on the fediverse! its been a wild year and #39c3 is in 13 days to top it off ๐Ÿ˜…

Delta Chat: Chatmail - replicable, fast and secure chatting infrastructure for all

Today, we are unveiling chatmail services, making onboarding with Delta Chat a breeze, with peace of mind: Convenience: Get a chatmail address in a few seconds Privacy: No questions asked, no name,...

PGPkeys EUDec 9
PGPkeys EUDec 8

New Blog: #Keyserver Updates and Roadmap, December 2025

...

About half of the public #Hockeypuck keyservers have been upgraded to the 2.3 branch (as of 2025-12-08), including the pgpkeys.eu servers. A small number remain on 2.1 for compatibility reasons, but the remaining issues preventing upgrade of these 2.1 servers will be addressed in an upcoming 2.3.x release.

...

While HKPv2 and RFC9580 support are the current priorities, further improvements are planned for delivery in 2026 and 2027. These include:

* Allowing #OpenPGP key owners to explicitly restrict the distribution of third-party signatures over their User IDs, to prevent signature flooding.
* Out of band email proofs of User ID validity, to mitigate spam and impersonation.
* A fully-featured management API to better handle deletion and blocklisting of incorrect or spammy keys.
* Native rate limiting and tor exit node abuse detection.
* Detection (and potential removal) of keys with known vulnerabilities or weaknesses.
* Improvements to the dump and restore process to allow a running server to be backed up without a restart.

https://blog.pgpkeys.eu/keyserver-roadmap-2025-12.html

#infosec #cryptography #pgp

Keyserver Updates and Roadmap, December 2025

An occasional blog about OpenPGP keyservers and related issues

blog.pgpkeys.eu
PGPkeys EUDec 8

New Blog: #Keyserver Updates and Roadmap, December 2025

...

About half of the public #Hockeypuck keyservers have been upgraded to the 2.3 branch (as of 2025-12-08), including the pgpkeys.eu servers. A small number remain on 2.1 for compatibility reasons, but the remaining issues preventing upgrade of these 2.1 servers will be addressed in an upcoming 2.3.x release.

...

While HKPv2 and RFC9580 support are the current priorities, further improvements are planned for delivery in 2026 and 2027. These include:

* Allowing #OpenPGP key owners to explicitly restrict the distribution of third-party signatures over their User IDs, to prevent signature flooding.
* Out of band email proofs of User ID validity, to mitigate spam and impersonation.
* A fully-featured management API to better handle deletion and blocklisting of incorrect or spammy keys.
* Native rate limiting and tor exit node abuse detection.
* Detection (and potential removal) of keys with known vulnerabilities or weaknesses.
* Improvements to the dump and restore process to allow a running server to be backed up without a restart.

https://blog.pgpkeys.eu/keyserver-roadmap-2025-12.html

#infosec #cryptography #pgp

Keyserver Updates and Roadmap, December 2025

An occasional blog about OpenPGP keyservers and related issues

blog.pgpkeys.eu
PGPkeys EUDec 2
PGPkeys EUDec 1

We are pleased to announce the release of Hockeypuck 2.3.

Hockeypuck 2.3 is primarily a technical-debt release, but also adds features to ease the upgrade process in a production environment:

* Updates to the PostgreSQL table schemas
* Offline, in-place reload of all key material
* Online reindexing of table schemas
* PKS support

There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers.

Release notes can be found at https://github.com/hockeypuck/hockeypuck/releases/tag/2.3

Hockeypuck 2.3 development is kindly supported by @NGIZero Core

----

Hockeypuck is a modern synchronising #OpenPGP #keyserver that is optimised for ease of deployment, particularly in containerised environments via docker-compose.

https://hockeypuck.io
https://github.com/hockeypuck/hockeypuck

Release 2.3 ยท hockeypuck/hockeypuck

Hockeypuck 2.3 is recommended for all users. There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers. The 2.3 release adds support for on...

GitHub
PGPkeys EUDec 1

We are pleased to announce the release of Hockeypuck 2.3.

Hockeypuck 2.3 is primarily a technical-debt release, but also adds features to ease the upgrade process in a production environment:

* Updates to the PostgreSQL table schemas
* Offline, in-place reload of all key material
* Online reindexing of table schemas
* PKS support

There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers.

Release notes can be found at https://github.com/hockeypuck/hockeypuck/releases/tag/2.3

Hockeypuck 2.3 development is kindly supported by @NGIZero Core

----

Hockeypuck is a modern synchronising #OpenPGP #keyserver that is optimised for ease of deployment, particularly in containerised environments via docker-compose.

https://hockeypuck.io
https://github.com/hockeypuck/hockeypuck

Release 2.3 ยท hockeypuck/hockeypuck

Hockeypuck 2.3 is recommended for all users. There are no breaking changes between the 2.2 and 2.3 branches, and SKS sync is supported between 2.2 and 2.3 peers. The 2.3 release adds support for on...

GitHub
PGPkeys EUNov 16
Marcus AdamsNov 16

So I haven't used #PGP key servers in a while because they've been unreliable at best and keys\.openpgp\.org just straight up corrupted or sanitized my public key so it can't be imported.

Today however in an email exchange I discovered there's one that works and seems to preserve my proper public key, so I've switched my Gnome keyring to default to that one for publishing key updates.

https://pgpkeys.eu

Or for your key management software, like #GPG.

hkp://pgpkeys.eu

OpenPGP Keyserver

OpenPGP Keyserver