Short ID Collision
John Clizbe
JPClizbe at tx.rr.com
Fri Jan 6 12:36:04 CET 2012
Dan McGee wrote:
> > On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe <John at enigmail.net> wrote:
>> >> Jerry wrote:
>>> >>>
>>> >>> It would seem, and this is strictly my own opinion, that if the "old
>>> >>> pksd" servers are dead then there is no logical reason to continue to
>>> >>> support them. Just my 2¢.
>> >>
>> >> If only all software support decisions were that cut and dried. Oh well...
>> >>
>> >> David Shaw committed patches to the 1.4, 2.0, & 2.1 branches of GnuPG
yesterday
>> >> afternoon (28-Dec). The change will be in the next release of each branch.
> >
> > Just discovered keyservers are still totally crappy on this front.
> > Check this out when using a subkey ID to try to fetch a key; the
> > following is a request produced by GPGME gpgme_get_key() that returns
> > no matches (note that this is a subkey ID):
> >
> > Subkey lookup, broken in first URL:
> >
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x22AD5874F39D989F&exact=on
> > vs.
> >
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xF39D989F&exact=on
> >
> > Public key lookup, both work:
> >
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x6D1A9E70E19DAA50&exact=on
> > vs.
> >
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xE19DAA50&exact=on
> >
> > This is totally unacceptable in my opinion, why do we have such broken
> > infrastructure that it cannot support a simple lookup like this?
thread reference:
http://lists.gnupg.org/pipermail/gnupg-users/2012-January/043495.html
Thanks for the patch, Dan. Tested with short & long key IDs and fpr of my
encryption and authentication subkeys on OpenPGP card key 0x435BD034.
[Signature key ....: E2B8 43E8 E65E EF41 27AF A222 2313 315C 435B D034
Encryption key....: 8C87 E7D8 63B4 0BA0 CE62 BA8B ABFE 8362 C97A C237
Authentication key: 8841 2F18 79D5 34B8 FA3E CC56 6D59 9CFB B850 79AD]
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x8C87E7D863B40BA0CE62BA8BABFE8362C97AC237&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0xABFE8362C97AC237&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x88412F1879D534B8FA3ECC566D599CFBB85079AD&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x6D599CFBB85079AD&exact=on
Works fine.
The patch will be in the next release of SKS and until then the patched source
may be pulled from:
hg clone https://code.google.com/r/johnclizbe-sks-keyserver/
Thanks again for the patch.
-John
--
John P. Clizbe Inet: John (a) GingerBear DAWT net
FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Cowboy Haiku -- Reflections on Rodeo
So many Cowboys. / Round Wrangler butts drive me nuts. / Never enough rope.
More information about the Gnupg-users
mailing list