duplicate keyid survey results

David Shaw dshaw@jabberwocky.com
Sun Mar 10 20:30:02 2002

On Sun, Mar 10, 2002 at 12:34:14PM -0500, V Alex Brennen wrote:
> I checked code into CVS that will allow CKS to support HKP style 
> queries by the 64 bit key ID, the full 128 bit v3 fp, or the full
> 160 bit V4 fp.  This feature will be available in the next release.
> Here are adapted HKP protocol examples:
> 32 bit key ID:
> GET /pks/lookup?op=get&search=0x992A4B3F HTTP/1.0
> 64 bit key ID:
> GET /pks/lookup?op=get&search=0xFA920973992A4B3F HTTP/1.0
> 128 bit key ID (v3) (one line wrapped by MTA):
> GET /pks/lookup?op=get&search=0x0A75834DE6AB89F6BE869EB81DF4E517 HTTP/1.0
> 160 bit key ID (v4) (one line wrapped by MTA):
> GET /pks/lookup?op=get&search=0x0EC8B0E3052DFC4C208F76EBFA920973992A4B3F 
> HTTP/1.0

I think this is a good thing except for one problem.  From the
perspective of a program that is making a call to a keyserver via HKP,
it has no way to know if the keyserver is pksd, CKS, or something
else.  Since only CKS supports this syntax, there is a problem.  I
guess it could try twice and fall back to the 32 bit key id if the
keyserver returns an error with a fingerprint lookup.

Something to be discussed in the RFC, I think. :)


   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson