My public key block appears different on keyservers

matt gantner gantner at gmail.com
Thu Jul 2 16:56:42 CEST 2009


Thanks for the feedback. The gzip example clarified your meaning
to me. My mental model incorrectly assumed that a public key was a
non-changing form but I now see that the encoded key data takes different
forms but results in the same information when analyzed by gpg.


via mobile device

On Jul 2, 2009, at 9:00, David SMITH <dave.smith at st.com> wrote:

> On Thu, Jul 02, 2009 at 08:36:14AM -0400, Matt Gantner wrote:
>> I'm not terribly familiar with PNG or GPG keys so bear with me.
>>
>> I am understanding your statement to be saying that the two keys are
>> really the same ASCII text but the line breaks make them appear to be
>> different.
>>
>> To test that I ran diff on the two keys and they are completely
>> different text. Every line was different. So I am falling back to my
>> theory that the key server software appears to make the public key
>> different by the nature of its encoding when uploaded.
>
> If you look at the two keys you posted, then the line lengths are
> different.  However, they both contained the same text.  The two
> webservers just chose to break the lines at different places, and
> I guess that the OpenPGP format allows the sender to vary the line
> length when ASCII-armouring a key.
>
> If you look at the two keys you posted, then the line
> lengths are different.  However, they both contained
> the same text.  The two keyservers just chose to break
> the lines at different places, and I guess that the
> OpenPGP format allows the sender to vary the line
> length when ASCII-armouring a key.
>
> ^^^ See what I mean?
>
>> I managed to set another computer up, with a second gpg identity. I
>> encoded a message to my first identity using a public key from the
>> gnupgp keyserver and was able to decrypt it successfully. So despite
>> the variation in the ASCII text and length, the public key works.
>>
>> I am still curious however and wonder if anyone has a theory why these
>> public keys change depending on the key server?
>
> Because the data "file" you download from the keyserver is not just a
> binary copy of the key - the key can be encoded in different ways, and
> there could also be other information encoded in there.
>
> For example: consider a file compressed with "gzip".  gzip allows the
> user to specify the compression ratio required from -1 to -9 - the
> larger the number, the better compression ratio that it achieves, but
> the longer it takes to run.
>
> If you look at each of the compressed files individually, they will
> all look completely different (since they have been compressed in
> subtly different ways), but if you uncompress each of them with
> gunzip, they all end up producing the same result - the file which
> was originally compressed.
>
> The bottom line: Yes, the key arriving from the keyserver might not
> look the same in its ASCII-armoured form.  Unless you see a problem
> with the key once it's been imported into GPG, don't worry about it.
>
> -- 
> David Smith        | Tel: +44 (0)1454 462380    Home: +44 (0)1454 616963
> STMicroelectronics | Fax: +44 (0)1454 462305  Mobile: +44 (0)7932 642724
> 1000 Aztec West    | TINA: 065 2380          GPG Key: 0xF13192F2
> Almondsbury        | Work Email: Dave.Smith at st.com
> BRISTOL, BS32 4SQ  | Home Email: David.Smith at ds-electronics.co.uk
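
An added example, not part of the original thread: a small Python check of the re-wrapping case discussed above, where two armored copies differ on every line yet carry the same binary payload. The helper names (`dearmor`, `armor`), the two "keyserver" copies and the payload bytes are constructed for illustration; the payload is stand-in data, not a real key.

```python
import base64
import textwrap

def crc24(data: bytes) -> int:
    """CRC-24 used by OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def dearmor(armored: str) -> bytes:
    """Return the binary payload of an armored block, checking its CRC-24 if present."""
    lines = [ln.strip() for ln in armored.strip().splitlines()]
    if not (lines[0].startswith("-----BEGIN ") and lines[-1].startswith("-----END ")):
        raise ValueError("not an ASCII-armored block")
    body = lines[1:-1]
    # Armor headers (Version:, Comment:) end at the first blank line.
    if "" in body:
        body = body[body.index("") + 1:]
    checksum = None
    if body and body[-1].startswith("="):
        checksum = base64.b64decode(body.pop()[1:])
    # Joining the lines discards whatever wrapping the sender chose.
    data = base64.b64decode("".join(body))
    if checksum is not None and int.from_bytes(checksum, "big") != crc24(data):
        raise ValueError("CRC-24 mismatch")
    return data

def armor(data: bytes, width: int, comment: str) -> str:
    """Armor data with a chosen line width and Comment header (hypothetical helper)."""
    b64 = base64.b64encode(data).decode()
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", f"Comment: {comment}", "",
                      *textwrap.wrap(b64, width), "=" + crc,
                      "-----END PGP PUBLIC KEY BLOCK-----"])

# Constructed stand-in bytes, not a real key packet.
PAYLOAD = bytes(range(200))
SERVER_A = armor(PAYLOAD, 64, "constructed keyserver A")
SERVER_B = armor(PAYLOAD, 76, "constructed keyserver B")

if __name__ == "__main__":
    print("armored text identical:", SERVER_A == SERVER_B)
    print("decoded payload identical:", dearmor(SERVER_A) == dearmor(SERVER_B))
```

This covers only the line-wrapping and header differences; where the binary payloads themselves differ, compare the key's fingerprint after importing each copy into GPG.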


