Problems with private keyring?

[Werner Koch]

On Fri, 23 Mar 2001, Florian Weimer wrote:

> Currently, you can use the secret key without having the public key in
> the public key ring.  If we take the public key packet from the public

Not anymore in 1.0.5 or the current CVS.  The key selection is
always done on the public key. 

> >  * Similiar to the new MDC packet, we hash the fingerprint and the
> >  secret mpis, append that digest and the encrypt it.  
> 
> 'it' == all the data (fingerprint, MPIs, digest)?

Yes. 

> Yes, I think so.  Tampering with the first block will only affect the
> public key fingerprint, this doesn't seem to be dangerous either.

Not even that.  The SHA1 MDC would detect even that.

> Some of the checks should be performed anyway, and the computed
> signature should be verified, just to make sure that the signature was
> computed correctly (bit flipping and MPI implementation bugs can lead
> to errors as well, not only attacks).

Right. And this won't yield a noticable performance problem.
It is just to find a place in the code to do this in a way to cover
more bugs than just bugs in the math operations.

  Werner
  

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code           et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus