[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Interop grill-off



On Tue, Sep 20, 2005 at 08:53:46AM +0200, Daniel A. Nagy wrote:

> 2. Some keyservers omit canonization before hashing the key packet. If the
> key packet is shorter than 256 bytes (typically the case for 1024-bit RSA
> keys) and uses the shortest possible packet header with a one-byte length,
> the fingerprint and the key IDs are mis-calculated. PKS is guilty of this.

This is a good one.  I've seen this mistake made more than once, and
not just in PKS.  Incidentally, that bug in PKS was fixed quite a
while ago.  PKS had many problems, including miscalculating v4 RSA
fingerprints, mangling keys with more than one subkey, discarding
attribute ID packets, etc.  Most of the worst have been fixed, but the
point may be moot as so far as I know, PKS is not being developed any
longer.

> 3. Some keyservers do not return matching keys, if searched by the long
> (16 byte) key ID of a subkey. SKS is guilty of this.

Isn't this a just SKS feature request?  Nothing in the draft says
anything about how keyservers work, or even that a UI must allow
particular ways to search.

David