Allowing import of pubkeys without User ID

Andrew Gallagher andrewg at andrewg.com
Fri Jan 13 16:13:20 CET 2023


On 13 Jan 2023, at 14:30, Werner Koch <wk at gnupg.org> wrote:
> 
> On Fri, 13 Jan 2023 12:15, Andrew Gallagher said:
> 
>> system) to keep trying the other methods. But if we get a “key
>> revoked” error, then we have a definite answer and can stop
>> looking. The client-side/user behaviour changes depending on the
> 
> You can't stop because you would trust the statement from the keyserver.
> Which is not what keyservers are made for.  Thus even after you get a
> revoked status from a keyserver you need to fetch the public key and
> verify the revocation certificate.

This is exactly my proposal. If the keyserver were able to return the key packet(s) and the relevant signature(s), then a client could verify the revocation sig immediately, and stop processing. A UserID is not necessary if the lookup was made for a fingerprint.

>> a self-sig, it makes sense to allow self-sigs and their primaries to
>> be distributed regardless of whether they are “usable” in a
>> client-side sense.
> 
> You can do between the keyservers whatever you want.  If you want to
> validate the keyblock you need the user id and need to verify the
> self-sig before you allow fetching that keyblock (maybe restricted to
> the requested user id)

One can validate a direct signature over a primary key without processing any UserIDs.

A
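The claim in the message above, that a key-revocation (or direct-key) signature is hashed over the primary key packet alone and so can be verified from a key block that carries no User ID, worked through below as an added example; this is not code from the thread, from GnuPG or from any keyserver. It builds a minimal OpenPGP v4 key block using the RFC 4880 packet, MPI and subpacket layouts with a constructed and deliberately insecure RSA key (its factors are the public Mersenne primes 2^127-1 and 2^521-1), issues a type 0x20 revocation with it, and verifies that revocation by checking the issuer-fingerprint subpacket against the computed v4 fingerprint, the 16-bit hash prefix, and the RSA PKCS#1 v1.5 signature. Tag 13 User ID packets, when present, are never read. The function names, the creation time and the revocation reason are this example's own; only the Python standard library is used.

```python
"""Verify an OpenPGP v4 key revocation with no User ID present. Added example, not GnuPG code; RFC 4880 layouts."""
import hashlib
import struct

# Constructed RSA key, insecure by design: its factors are the public Mersenne primes 2^127-1 and
# 2^521-1 (648-bit modulus). CREATED is a constructed timestamp.
P, Q, E, CREATED = (1 << 127) - 1, (1 << 521) - 1, 65537, 1673622780
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
DIGESTINFO_SHA256 = bytes.fromhex("3031300d060960864801650304020105000420")

def pkcs1_encode(digest, n):                          # EMSA-PKCS1-v1_5 with SHA-256, sized to n
    t = DIGESTINFO_SHA256 + digest
    return b"\x00\x01" + b"\xff" * ((n.bit_length() + 7) // 8 - len(t) - 3) + b"\x00" + t

def rsa_verify(n, e, sig, digest):
    return 0 < sig < n and pow(sig, e, n).to_bytes((n.bit_length() + 7) // 8, "big") == pkcs1_encode(digest, n)

def mpi(x):                                           # RFC 4880 3.2: bit count, then big-endian bytes
    return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")

def read_mpi(buf, off):
    nbytes = (struct.unpack_from(">H", buf, off)[0] + 7) // 8
    return int.from_bytes(buf[off + 2:off + 2 + nbytes], "big"), off + 2 + nbytes

def packet(tag, body):                                # new-format header, one-octet length (< 192)
    return bytes([0xC0 | tag, len(body)]) + body

def parse_packets(blob):
    out, off = [], 0
    while off < len(blob):
        if not blob[off] & 0x40 or blob[off + 1] >= 192:
            raise ValueError("only short new-format packets are handled here")
        tag, n = blob[off] & 0x3F, blob[off + 1]
        out.append((tag, blob[off + 2:off + 2 + n]))
        off += 2 + n
    return out

def subpacket(stype, data):                           # one-octet length form (all short here)
    return bytes([len(data) + 1, stype]) + data

def parse_subpackets(buf):
    out, off = {}, 0
    while off < len(buf):
        n = buf[off]
        out[buf[off + 1] & 0x7F] = buf[off + 2:off + 1 + n]   # mask the critical bit
        off += 1 + n
    return out

def fingerprint_v4(key_body):
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body).digest()

def revocation_digest(key_body, sig_hashed):
    """Hash input for a key-revocation (0x20) or direct-key (0x1F) signature: key packet, hashed
    signature part, v4 trailer. A certification (0x10..0x13) would also hash the User ID."""
    h = hashlib.sha256(b"\x99" + struct.pack(">H", len(key_body)) + key_body)
    h.update(sig_hashed + b"\x04\xff" + struct.pack(">I", len(sig_hashed)))
    return h.digest()

def build_primary_key():                              # v4 RSA public key packet body
    return b"\x04" + struct.pack(">I", CREATED) + b"\x01" + mpi(N) + mpi(E)

def build_revocation_sig(key_body, reason=b"\x02key compromised"):   # reason code 2 = compromised
    fpr = fingerprint_v4(key_body)
    hashed = subpacket(2, struct.pack(">I", CREATED)) + subpacket(33, b"\x04" + fpr) + subpacket(29, reason)
    sig_hashed = b"\x04\x20\x01\x08" + struct.pack(">H", len(hashed)) + hashed   # v4, 0x20, RSA, SHA-256
    digest = revocation_digest(key_body, sig_hashed)
    unhashed = subpacket(16, fpr[-8:])                # legacy 64-bit issuer key ID
    sig = pow(int.from_bytes(pkcs1_encode(digest, N), "big"), D, N)
    return sig_hashed + struct.pack(">H", len(unhashed)) + unhashed + digest[:2] + mpi(sig)

def verify_key_revocation(keyblock):
    """(True, reason subpacket) if the leading v4 RSA primary key carries a valid self-issued key
    revocation, else (False, why). User ID (tag 13) packets are never consulted."""
    pkts = parse_packets(keyblock)
    if not pkts or pkts[0][0] != 6 or pkts[0][1][:1] != b"\x04" or pkts[0][1][5:6] != b"\x01":
        return False, "block must start with a v4 RSA primary public key"
    key_body = pkts[0][1]
    n, off = read_mpi(key_body, 6)
    e, _ = read_mpi(key_body, off)
    fpr = fingerprint_v4(key_body)
    for tag, body in pkts[1:]:
        if tag != 2 or body[:4] != b"\x04\x20\x01\x08":
            continue                                  # not a v4 RSA/SHA-256 key revocation
        hlen = struct.unpack_from(">H", body, 4)[0]
        ulen = struct.unpack_from(">H", body, 6 + hlen)[0]
        pos = 8 + hlen
        subs = {**parse_subpackets(body[pos:pos + ulen]), **parse_subpackets(body[6:6 + hlen])}
        sig, _ = read_mpi(body, pos + ulen + 2)
        if not (subs.get(33) == b"\x04" + fpr if 33 in subs else subs.get(16) == fpr[-8:]):
            return False, "revocation not issued by the primary key itself"
        digest = revocation_digest(key_body, body[:6 + hlen])
        if digest[:2] != body[pos + ulen:pos + ulen + 2]:
            return False, "hash prefix mismatch"      # cheap reject before the RSA step
        if not rsa_verify(n, e, sig, digest):
            return False, "RSA signature invalid"
        return True, subs.get(29, b"\x00")            # reason-for-revocation: code byte + UTF-8 text
    return False, "no key-revocation signature present"

def demo_keyblocks():                                 # constructed: no UID; with UID; tampered sig
    key = build_primary_key()
    rev = build_revocation_sig(key)
    bare = packet(6, key) + packet(2, rev)
    with_uid = packet(6, key) + packet(13, b"Example <ex@example.invalid>") + packet(2, rev)
    return bare, with_uid, bare[:-1] + bytes([bare[-1] ^ 0x01])
```

Running `verify_key_revocation` over the three constructed blocks from `demo_keyblocks()` gives the same accepted result for the block with and without a User ID, and a rejection for the block whose signature byte was flipped. The hash-prefix check comes before the RSA step only as a cheap early reject; the asymmetric verification is what actually establishes that the revocation was issued by the key itself, which is the verification the thread says a client must do regardless of what a keyserver reports.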
