WinPT key POSTing problem
Jason Harris
jharris at widomaker.com
Sun Dec 19 22:09:48 CET 2004
A few WinPT users popped up in my keyserver log recently. Some were
sending a bad POST command:
(cmd path User-Agent: Host:)
POST http://wwwkeys.us.pgp.net:11371/pks/add "WinPT/W32" "wwwkeys.us.pgp.net:11371"
It is an error to have http+hostname+port in the POST path, only the
local path, /pks/add, is correct. These were given an HTTP 404 response.
In this instance, the Host: header is correct, and is the proper place
to include the hostname and port number.
Of course, another user sent a malformed Host: header:
(cmd path User-Agent: Host:)
POST /pks/add "WinPT/W32" "http://subkeys.pgp.net:11371"
but was at least able to post their key. (There are no checks on the
value/validity of the Host: header at this time.) However, the "http://"
is incorrect and needs to be dropped from Host:.
I also notice these requests were identified as HTTP/1.0. Other than
understanding and sending "Connection: close" headers, is there a reason
to not identify them as HTTP/1.1 requests?
[new feature]
keyserver.kjsl.com has been generating (HTTP/1.1) ETag: headers, first
on port 80 (a PHP page), followed shortly by port 11371 (patched pks).
It also supports HEAD requests and ETag: cache-control semantics, albeit
only for single ETags (in the If-None-Match: header). If WinPT were to
store the ETag: as it downloaded each key, it could ask for that key and
send 'If-None-Match: "<last ETag:>"\r\n' in order to get the key only if
it has changed.
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : /pipermail/attachments/20041219/1a8cfa5f/attachment.bin
More information about the Gnupg-users
mailing list