Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Sat Mar 2 22:12:25 CET 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 03/02/2013 05:27 PM, David Shaw wrote:
> On Mar 2, 2013, at 2:14 AM, Phil Pennock
> <gnupg-devel at spodhuis.org> wrote:
> 

...

> 
> A quick check of a few sks servers show that keys2.kfwebs.net does 
> properly return a 404 for an unknown key.  pgp.mit.edu returns a
> 500, but this is also running an older version of sks, possibly
> before the 404 was added.

Indeed, as far as I can recall this behavior was implemented in 1.1.4,
and is listed in the changelog as
- - Improved the HTTP status and HTTP error codes returned for various
    situations and added checks for more error conditions.

The only pool that guarantee 1.1.4 is subset.pool.sks-keyservers.net ,
the minimum requirement for main is 1.1.3.

- -- 
- ----------------------------
Kristian Fiskerstrand
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Cogito ergo sum
I think, therefore I am
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-beta163 (GNU/Linux)

iQIcBAEBCAAGBQJRMms0AAoJEAt/i2Dj7frjvgUP/jXOOneTZrcPvYWMa5V35wO4
e+MdTrTCtGV4tIk52aW6e6yjUV3kw/r/O8QH1EKOB60okxuEHPfk/1UlTF3ihVP4
ZaxT23hV9sep9aKIFCVVL5y/TqvwFgxS7ZwC9Mvx16ZYxOK4JTkEN2UsSN13heJ0
Db0utT/4YD8HjCaMYDPhhHKzTVDi9wBWGa6GT/Pebw9no1SNwNsN5lNTkENDSdB/
w96ye/+c/WcrgQZhG3bgqyMcfVLjQR9qx7M8FEKKO2bHDwgTWJbdfHe9IdFbCwAC
2hka09x8egWS98IEYePDwePBGHW0+DCHyPcp605BN7ueCMBnIyM7Wd+xgu/yVJQa
FU+AuDr7rhrTRR0HIDFtvcd3Gndayr7Paib/zoPeux3hlQ/iB3P9aoFjSJYB0L05
I9JgOR/zCPL9/W/95T4TMVa1CfN8wRH0orJGA1WOqBQpEYylA32L1JpIlLQRgKyB
1PiTovzdmV9DBnsIZ6EJwDdjZWH0a9jT+ZlOMkxm98b/7GPDp06fWO28RaibizW7
6zk3s6Z0DhlbswWYEz7UQQboSFA73fTZ+KxJHI08MIMprrxedAWuGVlIgiDOqwkh
5NGRNL4o9/BoDe8zCoR/4ym2hTrb+YoLfCn45oBkBCwgEAC1Vz0juXweVJs9tDRm
cTGrMNqA4lS1NjbE8n2c
=9VVC
-----END PGP SIGNATURE-----



More information about the Gnupg-devel mailing list