keyserver.kjsl.com + photo IDs (Re: GnuPG 1.1.91 released)

Jason Harris jharris at widomaker.com
Thu Aug 15 21:22:01 CEST 2002


On Wed, Aug 14, 2002 at 10:35:57PM -0400, David Shaw wrote:
> On Wed, Aug 14, 2002 at 09:09:11PM -0400, Jason Harris wrote:

> > (Partly in response to this,) I just patched keyserver.kjsl.com to discard
> > user attribute packets from incoming keys.  Instead of having the entire

> Rather than discarding them, why not just keep the attribute packets?
> You can safely treat them as user IDs with opaque contents.  Just
> invent a fake "user ID" string like GnuPG does ("[jpeg image of size
> xxxxxx]").

I might be able to without too much additional work, so I'll look
into it.  Ideally, I'd like to let each keyserver operator decide
if they want to deal with the additional data or not.  When full
keydumps are exchanged, the extra data could be a concern, for
example.

Also, pks is once again approaching the 2GB limit.  Anyone doing
full keydumps with pksclient (and trying to split them with
pgpsplit) will definitely hit this wall.  I will be using my
Perl program to circumvent this by dumping the db in sections,
at least until something better is developed.

> > I hope to eventually fix this too.
> 
> That would be nice.  Many people have lost keys to this bug, and HKP
> keyservers are mostly worthless for serious use because of it.  Even
> just a patch to discard any subkeys after the first would be fine, and
> a proper fix can come later.

(I haven't tried it yet, but I thought the new GPG feature matched the
lone subkey signature to the proper subkey (by cryptographically
verifying it).  Without the benefit of crypto, pks can't _guarantee_
it will delete all but the "right" subkey.  Ouch!)

Deleting additional subkeys, even when they have lost all their
signatures _and any revocation certs._, from the bulk of the world's
public keyservers still doesn't seem right to me.  I think such
subkeys still have value, even if one has to use a fingerprint
(pgpring now prints them) to verify or go into expert mode to use
an unsigned subkey.  Perhaps you well know that GPG can't do anything
with unsigned subkeys (whereas I still haven't checked into it).
If so, I would argue for an expert mode that would let one use
unsigned keys (or those with bad signatures).  With a verified
fingerprint, who needs a signature?

I think the existing convention (fingerprint + !) would work quite well
to encrypt even to an unsigned subkey or key:

  %gpg [--expert] -se -r 0xE12343434343434343434EAB3484343434343434! ...

for example.

-- 
Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at widomaker.com | web:  http://jharris.cjb.net/
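
Added example, not part of the original message and not pks or GnuPG code: a sketch of the two policies discussed above for user attribute packets (tag 17) on incoming keys, either keeping them as opaque user IDs under a placeholder string or discarding them together with the signatures that certify them. The packet bodies are constructed placeholders, `packets` and `apply_policy` are hypothetical names, and reporting the packet body length as the image size is an assumption.

```python
SIG, USER_ID, USER_ATTR = 2, 13, 17          # OpenPGP packet tags
def packets(data):
    """Yield (tag, body, raw) per packet; partial/indeterminate lengths rejected."""
    i = 0
    while i < len(data):
        start, hdr, i = i, data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:                  # one-octet length
                length, i = first, i + 1
            elif first < 224:                # two-octet length
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:               # five-octet length
                length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body length not supported")
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            length, i = int.from_bytes(data[i:i + (1 << ltype)], "big"), i + (1 << ltype)
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length], data[start:i + length]
        i += length

def apply_policy(data, keep_attributes):
    """Return (filtered bytes, uid labels) under the operator's choice."""
    out, labels, skipping = bytearray(), [], False
    for tag, body, raw in packets(data):
        if tag == USER_ATTR:
            skipping = not keep_attributes
            if keep_attributes:              # opaque body, fake uid string
                labels.append("[jpeg image of size %d]" % len(body))
        elif tag != SIG:                     # any other packet ends the skip
            skipping = False
            if tag == USER_ID:
                labels.append(body.decode("utf-8", "replace"))
        if not skipping:                     # sigs after a dropped attribute go too
            out += raw
    return bytes(out), labels

def _old(tag, body):                         # constructed old-format packet builder
    return bytes([0x80 | (tag << 2), len(body)]) + body
SAMPLE = (_old(6, b"KEY") + _old(13, b"Alice <alice@example.org>") + _old(2, b"SIG1")
          + bytes([0xC0 | 17, 192, 8]) + bytes(200) + _old(2, b"SIG2")
          + _old(14, b"SUB") + _old(2, b"SIG3"))
```

Dropping only the attribute packet would leave its certification sitting directly after the preceding user ID, which is why the discard branch also skips signatures until the next non-signature packet.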