[Sks-devel] unwanted tolerance of buggy keys

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] unwanted tolerance of buggy keys

From:	Clint Adams
Subject:	[Sks-devel] unwanted tolerance of buggy keys
Date:	Mon, 30 Jul 2012 19:20:29 +0000
User-agent:	Mutt/1.5.20 (2009-06-14)

This key

http://zimmerman.mayfirst.org:11371/pks/lookup?op=get&search=0xED34CEABE27BAABC

is buggy.  It contains a generic certification packet on the first subkey
and a positive certification packet on the second subkey.

>From a quick glance at the SKS source code, it looks as though the signature
type is not being checked.

If I read RFC4480 section 11.1 correctly, the only signature types valid on
a subkey should be 0x19 and 0x28.

Could you please implement this restriction in SKS?

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] unwanted tolerance of buggy keys, Clint Adams <=
- Re: [Sks-devel] unwanted tolerance of buggy keys, Kristian Fiskerstrand, 2012/07/30
  - Re: [Sks-devel] unwanted tolerance of buggy keys, Clint Adams, 2012/07/30
- Re: [Sks-devel] unwanted tolerance of buggy keys, Jeffrey Johnson, 2012/07/30
  - Re: [Sks-devel] unwanted tolerance of buggy keys, Jeffrey Johnson, 2012/07/30
  - Re: [Sks-devel] unwanted tolerance of buggy keys, Clint Adams, 2012/07/30
    - Re: [Sks-devel] unwanted tolerance of buggy keys, Jeffrey Johnson, 2012/07/30

Prev by Date: Re: [Sks-devel] DisUnitedStates.com back up
Next by Date: [Sks-devel] sks should not allow id cert packets after a subkey
Previous by thread: [Sks-devel] hg repo existence etiquette post-merge?
Next by thread: Re: [Sks-devel] unwanted tolerance of buggy keys
Index(es):
- Date
- Thread