Short ID Collision

Dan McGee dpmcgee at gmail.com
Thu Jan 5 23:19:42 CET 2012


On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe <John at enigmail.net> wrote:
> Jerry wrote:
>>
>> It would seem, and this is strictly my own opinion, that if the "old
>> pksd" servers are dead then there is no logical reason to continue to
>> support them. Just my 2¢.
>
> If only all software support decisions were that cut and dried. Oh well...
>
> David Shaw committed patches to the 1.4, 2.0, & 2.1 branches of GnuPG yesterday
> afternoon (28-Dec). The change will be in the next release of each branch.

Just discovered keyservers are still totally crappy on this front.
Check this out when using a subkey ID to try to fetch a key; the
following is a request produced by GPGME gpgme_get_key() that returns
no matches (note that this is a subkey ID):

Subkey lookup, broken in first URL:
    http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x22AD5874F39D989F&exact=on
vs.
    http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xF39D989F&exact=on

Public key lookup, both work:
    http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x6D1A9E70E19DAA50&exact=on
vs.
    http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xE19DAA50&exact=on

This is totally unacceptable in my opinion, why do we have such broken
infrastructure that it cannot support a simple lookup like this?

-Dan



More information about the Gnupg-users mailing list