[Sks-devel] Re: Key strangeness

Yaron Minsky yminsky at cs.cornell.edu
Sun Feb 8 07:22:09 CET 2004


Uh, some more info please?  I still don't quite understand the nature of
the problem.  Both keyids pull up (different) keys belonging to one
jeremy at durge.org.  And one of them looks very much like the other with its
primary key packet replaced.  But they are both there, at least on
sks.dnsalias.net.  So I don't quite understand in what way SKS is supposed
to have malfunctioned.

David Shaw said:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sun, Feb 08, 2004 at 12:03:44AM +0000, Nick Boalch wrote:
>
>> I'm trying to work with a correspondent's key (apparently generated by
>> the
>> CryptoEx package) but it seems... weird.
>>
>> It's on the keyservers under the ID 3A546EC2, but the ID actually
>> appears to
>> be 7EDB7A47. However, the UIDs on that key are signed with 3A546EC2, a
>> key
>> that apparently doesn't exist. In short, I'm confused. ;-)
>>
>> I don't really know enough about the structure of keys to understand
>> exactly
>> what's going on here, so I'd appreciate any explanation?
>
> Something is fairly broken here, and I'm not quite sure what yet.  The
> key is pretty certainly 7EDB7A47, but for some reason the keyserver
> indexed it as 3A546EC2.  It seems possible, or even likely that the
> keyid was 3A546EC2 at one point as the three self-sigs and the subkey
> binding sig are from 3A546EC2.
>
> All in all, I'm guessing corruption of the key, which can pretty
> easily change the keyid to something else.  It could be a bug in
> CryptoEx, but I'd think a bug that changes keyids would have been
> noticed before now.  What does your correspondent say his keyid is?
>
> None of this explains how the keyservers managed to index it correctly
> as 3A546EC2, but serve up a key that hashes to 7EDB7A47.  I've cc'd
> one of the keyserver development lists.  Yaron, any ideas?
>
> David
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.3.5-cvs (GNU/Linux)
> Comment: Key available at http://www.jabberwocky.com/david/keys.asc
>
> iHEEARECADEFAkAlksAqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
> L2tleXMuYXNjAAoJEOJmXIdJ4cvJQCMAn0j46jZVjDZAm7aqTUDcL1kkCZgyAKDX
> Zy0EHT9xm7MewJKE58khhQlHBA==
> =7RF1
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Sks-devel mailing list
> Sks-devel at nongnu.org
> http://mail.nongnu.org/mailman/listinfo/sks-devel
>


|--------/            Yaron M. Minsky              \--------|
|--------\ http://www.cs.cornell.edu/home/yminsky/ /--------|

Open PGP --- KeyID B1FFD916
Fingerprint: 5BF6 83E1 0CE3 1043 95D8 F8D5 9F12 B3A9 B1FF D916




More information about the Gnupg-users mailing list