johanw at vulcan.xs4all.nl
Wed Jan 14 19:23:48 CET 2015
On 13-01-2015 21:38, Werner Koch wrote:
> Well, we could also change the code
> to trial verify with all key ids but that takes longer than needed and
> may by itself be used as a DoS.
You don't need to test all keyID's - just those with the same key ID.
Assuming this is a rare occasion and someone's keyring is not flooded
with keys with the same ID (in that case you are probably under some
kind of attack and might investigate), you can even detect and store
this condition somewere when importing the key and checking this
probably very short list if key ID's that appear multiple times.
I wonder what this would do with the keyserver network. They probably
need adapting too.
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users