[Sks-devel] Re: Key strangeness

Yaron Minsky yminsky at gmail.com
Wed Dec 15 03:34:20 CET 2004


On Tue, 14 Dec 2004 20:04:32 -0500, David Shaw <dshaw at jabberwocky.com> wrote:
> On Tue, Dec 14, 2004 at 07:17:48PM -0500, Jason Harris wrote:
> 
> > Not "the entire Public Key packet starting with the version field,
> > with whatever fixes you have to make so the key is fully
> > RFC-compliant."
> 
> At this point I think you're just trolling so I'm going to stop
> replying.  Needless to say, you've misunderstood what the RFC
> requires, and what noncompliant actually means in this case.

At the risk of trolling myself, Jason's reading appears to me at first
blush to be right.  It says, hash the entire public key packet,
starting with the version field.  It seems like a mistake to calculate
the fingerprint of a "corrected" version of the key.

That said, I do appear to be alone in PGP implementations to handle it
this way. That said, I'm not eager to fix it, since the keys in
question are clearly broken, and, I'm hoping, quite rare.

y



More information about the Gnupg-users mailing list