duplicate keyid survey results
David Shaw
dshaw@jabberwocky.com
Sun Mar 10 20:30:02 2002
On Sun, Mar 10, 2002 at 12:34:14PM -0500, V Alex Brennen wrote:
> I checked code into CVS that will allow CKS to support HKP style
> queries by the 64 bit key ID, the full 128 bit v3 fp, or the full
> 160 bit V4 fp. This feature will be available in the next release.
>
> Here are adapted HKP protocol examples:
>
> 32 bit key ID:
> GET /pks/lookup?op=get&search=0x992A4B3F HTTP/1.0
>
> 64 bit key ID:
> GET /pks/lookup?op=get&search=0xFA920973992A4B3F HTTP/1.0
>
> 128 bit key ID (v3) (one line wrapped by MTA):
> GET /pks/lookup?op=get&search=0x0A75834DE6AB89F6BE869EB81DF4E517 HTTP/1.0
>
> 160 bit key ID (v4) (one line wrapped by MTA):
> GET /pks/lookup?op=get&search=0x0EC8B0E3052DFC4C208F76EBFA920973992A4B3F
> HTTP/1.0
I think this is a good thing except for one problem. From the
perspective of a program that is making a call to a keyserver via HKP,
it has no way to know if the keyserver is pksd, CKS, or something
else. Since only CKS supports this syntax, there is a problem. I
guess it could try twice and fall back to the 32 bit key id if the
keyserver returns an error with a fingerprint lookup.
Something to be discussed in the RFC, I think. :)
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson