duplicate keyid survey results

V Alex Brennen vab@cryptnet.net
Sun Mar 10 18:40:01 2002

On Sat, 9 Mar 2002, Werner Koch wrote:

> On Sat, 9 Mar 2002 11:13:12 +0100 (CET), Oyvind A Holm said:
> > Another thing is when GPG itself gets the key from a server, for
> > example when verifying a signed text and you don't have the actual key
> > from before. Will GPG then use the 32-bit keyID to get the key from the
> > server?
> Yes, because the current HKP servers can't cope with the full 64 bit
> keyID.  I'd even like to have a keyserver which accepts the
> fingerprint.  The problem here is that the signature packet does only
> carry the 64 bit key ID.

I checked code into CVS that will allow CKS to support HKP style 
queries by the 64 bit key ID, the full 128 bit v3 fp, or the full
160 bit V4 fp.  This feature will be available in the next release.

Here are adapted HKP protocol examples:

32 bit key ID:
GET /pks/lookup?op=get&search=0x992A4B3F HTTP/1.0

64 bit key ID:
GET /pks/lookup?op=get&search=0xFA920973992A4B3F HTTP/1.0

128 bit key ID (v3) (one line wrapped by MTA):
GET /pks/lookup?op=get&search=0x0A75834DE6AB89F6BE869EB81DF4E517 HTTP/1.0

160 bit key ID (v4) (one line wrapped by MTA):
GET /pks/lookup?op=get&search=0x0EC8B0E3052DFC4C208F76EBFA920973992A4B3F 

I included fp support, because I would like to soon write PGP 
software that uses fp's to transmit key information in other
protocols. It would be nice to use CKS to auto fetch by fp as
part of that code.

	- VAB
V. Alex Brennen
Senior Systems Engineer
IBM Certified Specialist
IBM Business Partner
Bus: 352.246.8553
Fax: 770.216.1877