Re: [Sks-devel] another bounds problem in SKS


From: Yaron Minsky
Subject: Re: [Sks-devel] another bounds problem in SKS
Date: Wed, 29 Sep 2004 22:45:34 -0400

<RANT>Sigh.  I just finished the first version of a patch (patch-16)
that fixes the "MPI is larger than packet length" problem, and various
others.  But if I figure this one correctly, GPG is barfing on this
simply because one of the MPIs is too long, right?  This is just
silly.  Can't GPG filter out bad packets at all?  The whole point of
having a forgiving keyserver is that the clients should sort it out
reasonably well in the end.  How did anyone ever expect PKS to
work?</RANT>

Ok, so how big of an MPI is over the limit that GPG is willing to
accept?  Anyone?

I just finished patch-16, which partially addresses this class of
problems, but apparently not completely.  I've only tried it out on my
own server, so it's still probably a bit dicey.

y


On Wed, 29 Sep 2004 20:13:19 -0400, Jason Harris <address@hidden> wrote:
> 
> Key 0xA0ED982D has a bad signature on the SKS servers:
> 
>   %pgpdump ...
>   [snip]
>   Old: Signature Packet(tag 2)(70 bytes)
>           Ver 4 - new
>           Sig type - Casual certification of a User ID and Public Key packet(0x12).
>           Pub alg - DSA Digital Signature Algorithm(pub 17)
>           Hash alg - SHA1(hash 2)
>           Hashed Sub: signature creation time(sub 2)(4 bytes)
>                   Time - Fri Oct 17 06:24:54 EDT 2003
>           Sub: issuer key ID(sub 16)(8 bytes)
>                   Key ID - 0xC558590895ABF50C
>           Hash left 2 bytes - 3c 32
>           DSA r(159 bits) - ...
>           DSA s(22867 bits) - ...
>                   -> hash(160 bits)
>   Old: Trust Packet(tag 12)(648058310 bytes)
>           Trust - 1a 88 e2 73 a4 c9 56 b0 8d a0 f4 e5 12 2e 00 9e 33 12 [snip]
> 
> The current SKS hash is 9CE4D0537905AF1970660FEC3912207A.
> 
> (Also, GPG (1.2.6) won't import the key.)
> 
> --
> Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
> address@hidden _|_ web:  http://keyserver.kjsl.com/~jharris/
>           Got photons?   (TM), (C) 2004
> 
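
Added example, not part of the original messages and not code from SKS or GnuPG: a bounds check for the "MPI is larger than packet length" case, run over a constructed 70-byte version 4 DSA signature body whose second MPI header claims 22867 bits, the value pgpdump printed for DSA s above. The function names and the sample packet layout are assumptions made for illustration.

```python
import struct

def read_mpis(body, offset, count):
    """Read `count` MPIs; reject any whose declared size overruns the packet body."""
    mpis = []
    for i in range(count):
        if offset + 2 > len(body):
            raise ValueError(f"MPI {i}: truncated length header")
        (bits,) = struct.unpack_from(">H", body, offset)  # 2-byte big-endian bit count
        nbytes = (bits + 7) // 8
        remaining = len(body) - (offset + 2)
        if nbytes > remaining:
            raise ValueError(f"MPI {i}: declares {bits} bits ({nbytes} bytes), "
                             f"only {remaining} bytes left in packet")
        mpis.append((bits, body[offset + 2:offset + 2 + nbytes]))
        offset += 2 + nbytes
    if offset != len(body):
        raise ValueError(f"{len(body) - offset} trailing bytes after last MPI")
    return mpis

def check_v4_dsa_signature(body):
    """Skip the v4 signature header and subpacket areas, then bounds-check r and s."""
    if len(body) < 4 or body[0] != 4:
        raise ValueError("not a version 4 signature body")
    offset = 4  # version, signature type, public-key algorithm, hash algorithm
    for area in ("hashed", "unhashed"):
        if offset + 2 > len(body):
            raise ValueError(f"{area} subpacket length truncated")
        (area_len,) = struct.unpack_from(">H", body, offset)
        offset += 2 + area_len
        if offset > len(body):
            raise ValueError(f"{area} subpacket area overruns packet")
    return read_mpis(body, offset + 2, 2)  # +2 skips the left 16 bits of the hash

def sample_body(s_bits):
    """Constructed 70-byte DSA signature body; s_bits is the bit count claimed for s."""
    hashed = bytes([5, 2]) + struct.pack(">I", 0)  # creation time (constructed value)
    unhashed = bytes([9, 16]) + bytes.fromhex("C558590895ABF50C")  # issuer key ID
    r = struct.pack(">H", 159) + b"\x55" + b"\x11" * 19
    s = struct.pack(">H", s_bits) + b"\x80" + b"\x22" * 19  # 20 data bytes present
    return (bytes([4, 0x12, 17, 2]) + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed + b"\x3c\x32" + r + s)

if __name__ == "__main__":
    print(check_v4_dsa_signature(sample_body(160)))
    try:
        check_v4_dsa_signature(sample_body(22867))
    except ValueError as err:
        print("rejected:", err)
```

The check compares each MPI's declared byte count against what is left in the enclosing packet body, so an oversized bit count is rejected before any data past the packet is read as the next packet.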



